
AWS Cognito: Verify deletion of user

We need a verification step for user deletion through AWS Cognito.

Upon requesting deletion, a verification code should be sent to the user's email address (like it's done with sign-up).

All AWS Cognito offers is:

  • DeleteUser: only needs an access token
  • AdminDeleteUser: only needs a username

How would you incorporate the verification step for deletion into AWS Cognito?

Side note: We're using Lambda in combination with API Gateway to handle all our requests to Cognito.

This flow is not natively supported by Cognito, meaning, if you want to achieve this, you'll have to implement this flow manually as one (or two) endpoints on your API Gateway and a Lambda which in turn uses the AdminDeleteUser functionality.

Simple example:

  1. GET /user/delete: Create a JWT token, send an email to the user with a link, including a token to verify the deletion request. The token can contain the username and an expiration time. (You can use Amazon SES to send the email).
  2. GET /user/delete?token=verificationToken: Extract the username from the token and execute AdminDeleteUser using the username.
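
The two steps described in the answer above, as an added Python sketch (not code from the original answer): it issues an HS256 token carrying the username and an expiry, then verifies signature, purpose and expiry before calling AdminDeleteUser. Assumptions: the secret and user pool ID are placeholders, `cognito` is a boto3 `cognito-idp` client passed in by the Lambda handler, the `purpose` claim is an addition of this example, and sending the email (for instance through SES) is left out.

```python
import base64, hashlib, hmac, json, time

# Assumptions for this sketch: SECRET comes from a secret store in a real Lambda,
# USER_POOL_ID is a placeholder, and `cognito` is a boto3 "cognito-idp" client.
SECRET = b"constructed-demo-secret"
USER_POOL_ID = "us-east-1_EXAMPLE"
TTL_SECONDS = 15 * 60

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue_delete_token(username, now=None):
    """Step 1: build the HS256 JWT that goes into the emailed link."""
    now = time.time() if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": username, "purpose": "delete-user", "exp": int(now) + TTL_SECONDS}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body)}"

def verify_delete_token(token, now=None):
    """Return the username from a valid token, else raise ValueError."""
    now = time.time() if now is None else now
    try:
        header, body, sig = token.split(".")
        # Always verify with HMAC-SHA256; never pick the algorithm from the header.
        if not hmac.compare_digest(sig, _sign(header + "." + body)):
            raise ValueError("bad signature")
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError, AttributeError) as exc:
        raise ValueError("invalid token") from exc
    if not isinstance(claims, dict) or claims.get("purpose") != "delete-user":
        raise ValueError("wrong token purpose")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    if not isinstance(claims.get("sub"), str) or not claims["sub"]:
        raise ValueError("missing username")
    return claims["sub"]

def confirm_delete(token, cognito, now=None):
    """Step 2: delete only after the token checks out."""
    username = verify_delete_token(token, now)
    cognito.admin_delete_user(UserPoolId=USER_POOL_ID, Username=username)
    return username
```

Mail scanners and link previewers can fetch GET links on their own, so a stricter variant has the emailed link open a confirmation page that submits the token in a POST.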
