
set-cookie AWS Serverless

Goal: Set a cookie from aws serverless.

I'm using a custom authentication flow

domain: mydomain.com
current domain: dev.mydomain.com
login api (api gateway): account-api.mydomain.com

Login Lambda
the login function is the actual function invoked

This lambda receives a username & password and creates/returns a JWT & cookie string. I've removed non-pertinent logic.

*Right now my response contains extra stuff to help me debug/figure out how to map -- I'll be migrating it out once this is successfully setting the cookie

...
const handler = async event => {
  const jwtBody = {
    email: event.email,
    uuid: current_user_info.uuid.S,
    zipcode: current_user_info.zipcode.S,
  }

  var now = new Date();
  var time = now.getTime();
  var expireTime = time + (milliToHour*24*10);
  now.setTime(expireTime);

  var jwt = jsonwebtoken.sign(jwtBody, SMCData.secret, { algorithm: SMCData.alg, expiresIn: '1hr'});
  const cookieString = "token="+jwt+";expires=" + now.toUTCString() + ";secure;HttpOnly;"

  return {
    statusCode: 200,
    payload: {
      verified: current_user_info.verified.BOOL,
      jwt: jwt,
      cookie: cookieString
    }
  }
}

const login = middy(handler).use(cors({
  origins:[
    "https://dev.mydomain.com",
    "https://account-api.mydomain.com",
    "https://*.mydomain.com"
  ],
  credentials:true
}))

Current Status - postman

post_body = {
  "email": "valid_email@email.com",
  "password": "correct_password"
}

response_body = {
  "statusCode":200,
  "payload":{
    "verified":false,
    "jwt":"eyJh...KAQ",
    "cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
  }
}

cookie is also set: Postman sets the cookie correctly

Current Status - chrome

Headers: Chrome login headers

post_body = {
  "email": "valid_email@email.com",
  "password": "correct_password"
}

response_body = {
  "statusCode":200,
  "payload":{
    "verified":false,
    "jwt":"eyJh...KAQ",
    "cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
  }
}

cookie is not set: Chrome does not set the cookie

API Gateway Configuration

CORS is enabled

API Gateway method response

API Gateway integration response

*I know I'm 'supposed' to change the mapping value in the integration response into a mapping template, but I wanted to get things working before I figured out how to make that change.

It helps when you set up CORS properly in API Gateway. DOH!

Method   Integration
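As an added example (not code from the question or the answer): a browser only stores a cookie from a cross-origin response when it arrives as a `Set-Cookie` header alongside credentialed-CORS headers that name the exact calling origin. The sketch assumes the Lambda proxy integration (the question uses a mapped integration response instead); `ALLOWED_ORIGINS`, `buildAuthCookie`, `corsHeaders` and `loginResponse` are hypothetical names.

```javascript
// Added example; every name here is hypothetical, not from the original post.
// Exact origins only: a credentialed response cannot use "*" as the allowed origin.
const ALLOWED_ORIGINS = new Set(["https://dev.mydomain.com"]);

// Build the Set-Cookie header value. No Domain attribute, so the cookie is
// host-only for the API host. Max-Age is tied to the JWT lifetime so the
// cookie does not outlive the token it carries.
function buildAuthCookie(jwt, maxAgeSeconds) {
  return [
    `token=${jwt}`,
    "Path=/",
    `Max-Age=${maxAgeSeconds}`,
    "Secure",
    "HttpOnly",
    "SameSite=Lax",
  ].join("; ");
}

// Echo the request origin only when it is on the allow-list.
function corsHeaders(requestOrigin) {
  if (!ALLOWED_ORIGINS.has(requestOrigin)) return {};
  return {
    "Access-Control-Allow-Origin": requestOrigin,
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

// Proxy-integration response: the cookie travels as a header and the token
// is kept out of the JSON body, where page scripts could read it.
function loginResponse(event, jwt, verified) {
  const h = event.headers || {};
  const origin = h.origin || h.Origin;
  return {
    statusCode: 200,
    headers: {
      "Content-Type": "application/json",
      "Set-Cookie": buildAuthCookie(jwt, 3600),
      ...corsHeaders(origin),
    },
    body: JSON.stringify({ verified }),
  };
}
```

The calling page also has to send the login request with credentials enabled (`credentials: "include"` for `fetch`, `withCredentials = true` for XHR); otherwise the browser ignores the `Set-Cookie` header on the cross-origin response.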
