https://serverless-stack.com/ logo
#sst
Title
# sst
m

Muhammad Ali

11/07/2021, 2:14 AM
Another dumb question from me 😄 What implementation do i need to allow a user to signup using cognito. Like for now, I am using shell to sign up a user i.e.,
aws cognito-idp sign-up
... but i have to provide a rest endpoint for user so that they can do signup themselves (and do challenge to confirm signup). I mean there must be a library from
aws-cdk
which provides user signup from backend code?
o

Omi Chowdhury

11/07/2021, 2:38 AM
I would guess that this API would be in aws-sdk not aws-cdk since it’s a run time thing
c

Chad (cysense)

11/07/2021, 3:50 AM
If you want to do it with frontend code, unfortunately amplify is your best bet
f

Frank

11/07/2021, 4:14 AM
@Muhammad Ali not sure if the hosted UI makes sense for your usecase https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-integration.html
r

Ross Coundon

11/07/2021, 8:22 AM
We use amplify for this, in the frontend
Copy code
import { Auth, API } from 'aws-amplify';

const { user } = await Auth.signUp({
  username: userData.email,
  password: userData.password,
  attributes: {
    email: userData.email,
  },
});
Initialise like this - if you want to use the API calling wrapper, you can set up the API side of things too:
Copy code
import Amplify, { Auth } from 'aws-amplify';
Amplify.configure({
  Auth: {
    mandatorySignIn: true,
    region: amplifyConfig.cognito.REGION,
    userPoolId: amplifyConfig.cognito.USER_POOL_ID,
    userPoolWebClientId: amplifyConfig.cognito.APP_CLIENT_ID,
  },
  API: {
    endpoints: [
      {
        name: 'omw',
        endpoint: amplifyConfig.apiGateway.URL,
        region: amplifyConfig.apiGateway.REGION,
        custom_header: async () => {
          const token = (await Auth.currentSession())
            .getIdToken()
            .getJwtToken();
          return {
            Authorization: `Bearer ${token}`,
          };
        },
      },
    ],
  },
})
m

Muhammad Ali

11/08/2021, 3:28 PM
hmm. so i shouldn't be exposing a signup/login endpoint via my rest api layer. it would be done directly in frontend via amplify.
r

Ross Coundon

11/08/2021, 4:59 PM
Yeah, that's how we've done it
m

Muhammad Ali

11/09/2021, 3:15 PM
@Ross Coundon sorry one more question. do i have to expose an endpoint for user so that they can confirm email code? or does it also been taken care by amplify lib?
r

Ross Coundon

11/09/2021, 3:21 PM
It's taken care of by Amplify
Copy code
await Auth.confirmSignUp(username, code);