This is my first stack overflow question. I have an in-house written OAuth backend serving for my application. I have migrated all the users from my backend to Cognito using the user migration Lambda trigger. The problem is that they are a few other services that are already linked and are using the existing backend to authenticate and needed to be to migrate to Cognito without forcing them to log out and log in. is there a way? If yes, let me know. Thanks
Related
I have an app hosted in a DigitalOcean server that is only used by me. Now I would like to give access to some friends, so I need users authentication management.
I have read AWS Cognito is a good option however it is not clear to me if it is possible to implement only AWS Cognito to work in joint cooperation with other services or if I need to migrate all to AWS to be able to use Cognito. I’ve been looking for tutorials but all talk about using Cognito in addition to other AWS services.
The point is that I’m using a Postgres DB and looking at AWS prices it is expensive to me to migrate to AWS. In case it is to do what I would like, I really appreciate recommended lectures.
Thanks in advance.
I need users authentication management.
I have read AWS Cognito is a good option
Indeed the AWS Cognito is a good option for user authentication and authorization. If you have a web app, you may as well check out the AWS amplify framework for easier onboarding.
if it is possible to implement only AWS Cognito
You don't need to use any other AWS services or migrate your infrastructure. Your application can use Cognito indepently.
You can use Cognito even as a pure OAuth 2.0 based authentication and authorization service if you want to keep really independent.
all talk about using Cognito in addition to other AWS services
Cognito can provide its users session (temporary) aws credentials to use AWS services. You don't have to use the feature if you don't need to.
I am using firebase auth as a authentication service in my app.
and using dynamoDB,S3 and other AWS services.Now the problem is that I want to restrict file uploadation to s3 from only firebase authenticated user..How to achieve this?
Please Help
Ensure the user is logged in with firebase auth https://firebase.google.com/docs/auth/web/start
Then if logged in you can allows s3 uploads.
Without seeing the code to your app you will have to design the solution yourself using these basic guidelines.
I developed a website using django. Recently I am trying to make it serverless ( by deploying to lambda ). I haven't figured out how to maintain the session after user logged in when deployed to lambda.any suggestions please.
As you probably know, lambdas are stateless. You can use some database i.e. Dynamo DB to store and retrieve session related information, i.e. connection token. Otherwise you can integrate with AWS Cognito service which handles authentication and session information for you.
Most session capabilities inherent to Django will work fine with a zappa deployed Django project as long as the appropriate infrastructure is available. For example if you choose database-backed session, then your Django deployment must have access to a database. But you must avoid File-based sessions since you cannot guarantee the file will exist for any given user request (the lambda container to which requests are routed are not deterministic).
For more information on Django sessions see the documentation
I am trying to authenticate users via AWS Cognito/IAM services from my webapp. I have implemented Facebook and LinkedIn login and I'm wondering how I could use AWS to implement username+password login via my UI. Is there a way for me to set it up so that all I have to do is drop in button for username+password login on my view and that will authenticate users and redirect back to my backend service (similar to Facebook/LinkedIn) and where I can put in an endpoint URL?
Do let me know If I need to be clearer.
Edit1: I have already tried using Developer Authenticated Workflow (enhanced workflow). I don't want to do the part where I create the User in my user pool by calling the AWS Cognito Identity API. I'd like AWS to do the user creation by itself. is this possible?
Edit2: Another alternative solution is to create a Lambda which does what I want. But this is similar to the code to do that (which is on my backend).
At the moment there is no complete solution for this. You have to either use newly introduced AWS Cognito User Pools or create your own one. I would also recommend to checkout the project https://github.com/danilop/LambdAuth which worth trying.
You can create AWS Cognito user pools and create the roles for authenticated and unauthenticated users and assign some policies for both roles. Once you have created the user pool you will necessary code to use in your web or mobile application. Refer How to setup Cognito user pools.
Does it make sense to attempt to use AWS Cognito as a Django authentication back-end? What would be the advantages of doing so? What would be some challenges / problem areas?
Has anyone done any work in this direction?
It depends a bit on what your goal is for it as a back end. Cognito Identity doesn't currently manage users or user registration...etc. It leverages public providers (e.g. Twitter, Facebook, Digits, Google, Amazon...etc.) to get AWS credentials to access other AWS resources.
What were you hoping to do with this backend?
EDIT: As is commented below, the new Cognito User Pools feature allows this to happen.