Goal: Set a cookie from aws serverless.
I'm using a custom authentication flow
domain: mydomain.com
current domain: dev.mydomain.com
login api (api gateway): account-api.mydomain.com
Login Lambda
the login function is the actual function invoked
This lambda receives a username & password and creates/returns a JWT & cookie string, I've removed non-pertinent logic
*Right now my response contains extra stuff to help me debug/figure out how to map -- I'll be migrating it out once this is successfully setting the cookie
...
const handler = async event => {
const jwtBody = {
email: event.email,
uuid: current_user_info.uuid.S,
zipcode: current_user_info.zipcode.S,
}
var now = new Date();
var time = now.getTime();
var expireTime = time + (milliToHour*24*10);
now.setTime(expireTime);
var jwt = jsonwebtoken.sign(jwtBody, SMCData.secret, { algorithm: SMCData.alg, expiresIn: '1hr'});
const cookieString = "token="+jwt+";expires=" + now.toUTCString() + ";secure;HttpOnly;"
return {
statusCode: 200,
payload: {
verified: current_user_info.verified.BOOL,
jwt: jwt,
cookie: cookieString
}
}
}
const login = middy(handler).use(cors({
origins:[
"https://dev.mydomain.com",
"https://account-api.mydomain.com",
"https://*.mydomain.com"
],
credentials:true
}))
Current Status - postman
post_body = {
"email": "valid_email@email.com",
"password": "correct_password"
}
response_body = {
"statusCode":200,
"payload":{
"verified":false,
"jwt":"eyJh...KAQ",
"cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
}
}
Current Status - chrome
post_body = {
"email": "valid_email@email.com",
"password": "correct_password"
}
response_body = {
"statusCode":200,
"payload":{
"verified":false,
"jwt":"eyJh...KAQ",
"cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
}
}
API Gateway Configuration CORS is enabled
*I Know I'm 'supposed' to change the mapping value in the integration response into a mapping template, but I wanted to get things working before I figured out how to make that change.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.