[英]Nest.js with AWS Cognito, How to get access to the user attributes
我已经创建了Nest.js应用程序。 我使用AWS Cognito来管理用户身份验证和授权。 我使用amazon-cognito-identity-js处理用户登录/注销,使用@nestjs/passport / @UseGuards(AuthGuard('jwt'))验证令牌和用户对路由的访问。 现在我需要在应用程序的其他路由中访问当前用户属性(电子邮件、电话号码...)。 做这个的最好方式是什么?
授权服务.ts
import { AuthConfig } from './auth.config';
import { Injectable } from '@nestjs/common';
import {
AuthenticationDetails,
CognitoUser,
CognitoUserPool,
CognitoUserAttribute,
} from 'amazon-cognito-identity-js';
@Injectable()
export class AuthService {
private userPool: CognitoUserPool;
private sessionUserAttributes: {};
constructor(private readonly authConfig: AuthConfig) {
this.userPool = new CognitoUserPool({
UserPoolId: this.authConfig.userPoolId,
ClientId: this.authConfig.clientId,
});
}
registerUser(registerRequest: {
name: string;
email: string;
password: string;
}) {
const { name, email, password } = registerRequest;
return new Promise((resolve, reject) => {
return this.userPool.signUp(
name,
password,
[new CognitoUserAttribute({ Name: 'email', Value: email })],
null,
(err, result) => {
if (!result) {
reject(err);
} else {
resolve(result.user);
}
},
);
});
}
authenticateUser(user: { name: string; password: string }) {
const { name, password } = user;
const authenticationDetails = new AuthenticationDetails({
Username: name,
Password: password,
});
const userData = {
Username: name,
Pool: this.userPool,
};
const newUser = new CognitoUser(userData);
return new Promise((resolve, reject) => {
return newUser.authenticateUser(authenticationDetails, {
onSuccess: (result) => {
resolve(result);
},
onFailure: (err) => {
reject(err);
},
});
});
}
}
jwt.strategi.ts
import { ExtractJwt, Strategy } from 'passport-jwt';
import { PassportStrategy } from '@nestjs/passport';
import { Injectable } from '@nestjs/common';
import { AuthService } from './auth.service';
import { passportJwtSecret } from 'jwks-rsa';
import { AuthConfig } from './auth.config';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor(
private readonly authService: AuthService,
private authConfig: AuthConfig,
) {
super({
secretOrKeyProvider: passportJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `${authConfig.authority}/.well-known/jwks.json`,
}),
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
audience: authConfig.clientId,
issuer: authConfig.authority,
algorithms: ['RS256'],
});
}
public async validate(payload: any) {
return !!payload.sub;
}
}
app.controller.ts
import { Controller, Get, UseGuards, Header } from '@nestjs/common';
import { AppService } from './app.service';
import { AuthGuard } from '@nestjs/passport';
@Controller()
export class AppController {
constructor(private readonly appService: AppService) {}
@Get()
@UseGuards(AuthGuard('jwt'))
@Header('Content-Type', 'text/html')
getHello(): string {
return this.appService.getHello();
}
}
当 passport 成功验证用户时, user被设置为请求的属性。
该请求可以注入您的 controller,然后访问用户属性。
import { Controller, Get, UseGuards, Header, Request } from '@nestjs/common';
import { AppService } from './app.service';
import { AuthGuard } from '@nestjs/passport';
@Controller()
export class AppController {
constructor(private readonly appService: AppService) {}
@Get()
@UseGuards(AuthGuard('jwt'))
@Header('Content-Type', 'text/html')
getHello(@Request() req): string {
console.log(req.user);
return this.appService.getHello();
}
}
如何在 iOS 中使用 AWSMobileClient 获取 AWS Cognito 用户属性?
[英]How to get AWS Cognito user attributes using AWSMobileClient in iOS?
无法使用来自 AWS Cognito 的配置文件/openid 范围获取用户属性
[英]Unable to get user attributes using profile/openid scopes from AWS Cognito
AWS + 无服务器 - 如何获取 Cognito 用户池生成的密钥
[英]AWS + Serverless - how to get at the secret key generated by cognito user pool
在不让用户登录的情况下更新 AWS Cognito 用户的自定义属性
[英]Update AWS Cognito user's custom attributes without logging user in
如何使用 Cognito 身份 ID 获取用户属性(用户名、email 等)
[英]How to get user attributes (username, email, etc.) using cognito identity id
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.