I'm using NativeScript with AWS Amplify to log in to AWS AppSync.
The session stored by Amplify is cleared after app refresh. I get no user from Auth.currentSession() after app refresh.
However, I store the JWT from login and can access endpoints manually by passing it in the header.
I would like to use this to make Amplify believe that a user is logged in to use it in other parts of the application.
Is there a way to manually set credentials to use all the functionality of Amplify?
And how is successful login handled? How can I emulate the behaviour after successful login to set current session credentials manually?
There is no possible way to do this as of now; however, according to this and this issue on GitHub, they have acknowledged this as a feature request and are probably working on it.
The solution to my problem was to use the nativescript-localstorage module and assign global["storage"] to this module.
import * as storage from "nativescript-localstorage"
global["storage"] = storage;
I am using AWS Amplify / AWS Cognito for my web app. It would automatically put tokens in browser's localStorage. This is the expected behavior of SDKs. It adds the tokens to local storage so user can use the app without logging in again after the session is closed and then restarted.
However, in my strange user scenario, I have to make my web app such that when user closes browser and re-opens it, the user must sign in again.
So instead of having the tokens saved in localStorage, I need to save them in sessionStorage of web browser.
How to do it nicely?
This can be accomplished by passing window.sessionStorage into your auth configuration.
Auth.configure({ storage: window.sessionStorage })
Basically, I want the flow below in the application.
I have created one user pool in Cognito and configured it.
I want to integrate Cognito authentication and authorization with the flow below.
Register a new user by using the Cognito signUp API via Postman (I don't want to use the hosted UI).
Once the user is successfully registered in Cognito:
The user will call the Cognito login API via Postman. On successful login, Cognito will return an access_token.
I will use that access token in all subsequent requests to make sure the user is authenticated and authorized.
The main thing here is that I do not want to use the hosted UI given by Cognito. I want to achieve this via API calls.
I am not sure what I need to do to achieve this. You can tell me if any more steps are needed before the first step I wrote, like authorizing my app or anything like that.
I understood that I need to authorize my app before it uses the signup API, but I am not sure about the exact flow and process or in which manner I need to perform the steps.
Please guide..
There are AWS SDKs available for different platforms. You need to implement one of them according to your backend technology, expose your API, and test it out in Postman. Please go through this link docs.aws.amazon.com/cognito-user-identity-pools/latest/… There are SDK links at the bottom.
I am implementing a simple sign-up/sign-in system in my Android app using AWS Amplify and Kotlin. Everything seems to work fine except for one thing: when the user tries to sign in, they can use any password to do so. If they type in a registered and confirmed username, they successfully log in, which is obviously not what I want. I want them to type in the correct password as well. Do I need to change something in my AWS User Pool settings to achieve this, or do I handle this in Kotlin somehow?
Amplify.Auth.signIn(inputEmail.text.toString(), inputPassword.text.toString(), {}, {})
I found the error. AWS Amplify keeps a cached version of the previous successful login which is prioritized over the current attempted login. So at some point I have to call Amplify.Auth.signOut()
Is storing an AWS Cognito user from a user signing in and checking that in a middleware a secure way to authenticate and guard routes and data? I've seen a bunch of ways of using Auth0 and Nuxt's 'auth' module but I do not understand if those are necessary when I am already using AWS' Cognito to handle authentication.
I can get the Amplify Authenticator to successfully allow them to sign in and store the returned user and info to the Vuex store (store.state.auth.user).
If I just use a middleware to globally guard routes like:
export default function ({ store, redirect }) {
  if (!store.state.auth.user) {
    return redirect('/login')
  }
}
and then use that same 'store.state.auth.user' value in store to look up and retrieve their files is that 1. Secure 2. Following best practices?
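Added example, not part of the original posts: both the question above about sending the Cognito access token on subsequent requests and this one about guarding routes from the Vuex store depend on the backend validating the token itself, because a value held in client-side state only controls navigation. The Node.js code below checks the signature against the user pool's JWKS and then the `exp`, `iss`, `token_use` and `client_id`/`aud` claims. The function name `verifyCognitoJwt`, the throwaway key pair, the issuer URL and the client ID are constructed for illustration, and the caller is assumed to have fetched and cached the pool's `jwks.json`.

```javascript
// Added example: server-side validation of a Cognito-issued JWT (Node.js, built-in crypto only).
const crypto = require('crypto');

const b64urlJson = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// jwks: parsed contents of <issuer>/.well-known/jwks.json, fetched and cached by the caller.
// expected: { issuer, clientId, tokenUse } for the user pool and app client this API trusts.
function verifyCognitoJwt(token, jwks, expected, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [headerB64, payloadB64, signatureB64] = parts;
  const header = b64urlJson(headerB64);
  // Pin the algorithm: the token must not be allowed to choose it ("none", HS256, ...).
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) throw new Error('unknown kid');
  const signatureOk = crypto.verify(
    'RSA-SHA256',
    Buffer.from(`${headerB64}.${payloadB64}`),
    crypto.createPublicKey({ key: jwk, format: 'jwk' }),
    Buffer.from(signatureB64, 'base64url'),
  );
  if (!signatureOk) throw new Error('bad signature');
  const claims = b64urlJson(payloadB64);
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) throw new Error('expired');
  if (claims.iss !== expected.issuer) throw new Error('wrong issuer');
  if (claims.token_use !== expected.tokenUse) throw new Error('wrong token_use');
  // Access tokens carry the app client in client_id, ID tokens in aud.
  const audience = claims.token_use === 'access' ? claims.client_id : claims.aud;
  if (audience !== expected.clientId) throw new Error('wrong app client');
  return claims; // claims.sub is the identity to authorise data access against
}

// Constructed demo data: a throwaway key pair stands in for the user pool's signing key.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'demo-kid', alg: 'RS256', use: 'sig' }] };
  const expected = { issuer: 'https://cognito-idp.example-region.amazonaws.com/example_pool', clientId: 'example-client-id', tokenUse: 'access' };
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const sign = (claims) => {
    const input = `${enc({ alg: 'RS256', kid: 'demo-kid' })}.${enc(claims)}`;
    return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url')}`;
  };
  const good = { sub: 'user-123', iss: expected.issuer, client_id: expected.clientId, token_use: 'access', exp: 2000 };
  return { jwks, expected, sign, good };
}
```

The files returned to a caller should be looked up by the `sub` of the verified claims on the server, not by a user object supplied from the browser.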
I have my web application. Now I want to integrate Salesforce into my web app so that I can push data from my app to any Salesforce org after authentication (OAuth).
I found 2 ways:
1. Connected Apps
2. via wsdl generation file and use
I created a connected app from my developer account and I authenticated using the consumer key and consumer secret key (from my connected app) and the username and secret token of the user account.
I tried with another free trial account. It's validating and fetching the details, and posting data is also working.
My question is, shall I deploy my connected app into AppExchange, and only then can I use the REST APIs?
Is generating a WSDL and coding around it a better option than the above?
Is there an option where one-time authentication is enough for any number of sessions to use the REST APIs?
Please suggest the best way to proceed.
You're mixing up a couple of independent issues here.
If you're going to authenticate via OAuth, you must have a Connected App.
A SOAP API login() call requires you to store a username and password, which is undesirable.
There is no way to "permanently" authenticate, i.e., to get a session id that never expires. Your app must always be ready to get a new access token via the OAuth refresh token it obtains and stores (via, for example, the Web Server OAuth flow), or to reauthenticate via JWT flow.
Connected Apps are global metadata in most cases. You don't need to deploy a Connected App into a target org in order to authenticate using its Client Id and Secret into that org. The only exception I'm aware of is if you want to use the JWT flow with a certificate and preauthorized Profiles and Permission Sets.
Based on what you've shared, I don't see any reason for the AppExchange to be involved.