Morning Is it possible to pass a Cognito user when I run `ss Serverless Stack #help

Morning! Is it possible to pass a Cognito user wh...

Robert

05/06/2022, 2:34 PM

Morning! Is it possible to pass a Cognito user when I run

sst start

, so it will use this user when executing my queries in the console. Like when using

serverless.yml

you can set a specific user in an env variable. Also, I have a infra stack that create my Cognito userPool, roles, etc. How can I pass it to my APIs when creating them? I've tried something like this. but so far got no success 😕

Copy code

const api = new sst.Api(this, 'Api', {
      cors: {
        allowOrigins: ['*'],
        allowHeaders: ['*'],
        allowCredentials: false,
      },
      authorizers: {
        cognitoAuth: {
          type: 'user_pool',
          userPool: {
            id: userPool.id,
            clientIds: [userPool.clientId],
          },
        },
      },
      defaults: {
        function: {
          timeout: 20,
          environment: {
            logging: process.env.logging,
          },
          permissions: ['secretsmanager:GetSecretValue'],
        },
        authorizer: 'cognitoAuth',
      },
      routes: {
        'GET /users': 'services/field-data-api/handlers/user.get',
      },
    });

Robert

05/06/2022, 2:44 PM

From what I read so far, it seems like the

sst start

command will always use my default credential in the aws config file. So no real way to test locally with different users, or there is something I didn't see yet.

thdxr

05/06/2022, 2:50 PM

sst start should always run as your AWS user

thdxr

05/06/2022, 2:51 PM

If you want to execute http requests as a cognito user in the console right now you'll have to set a header with the auth token

thdxr

05/06/2022, 2:52 PM

what issue are you having with the authorizer in the api?

Robert

05/06/2022, 3:22 PM

Maybe it's me who does not understand how this should work. But every time I do a query in the console the

event

is always empty. And since I use

event.requestContext

to check if who is authenticated to get the user, roles, etc. As of now I cannot do it this way. When I am using serverless, it just uses the

SLS_COGNITO_AUTHENTICATION_PROVIDER

variable to do so. I am just trying to find a way to test locally my SST stack, while making sure the old way is also working fine.

thdxr

05/06/2022, 3:24 PM

when you say query in console what exactly are you doing?

thdxr

05/06/2022, 3:25 PM

if this is for a rest api you should use the api explorer to make a request to an endpoint, the event won't be empty then

Robert

05/06/2022, 3:26 PM

For a reason that I cannot explain, the query in the API explorer does not work for me. When I try to query any API I get a 401 unauthorised. 🤷

Robert

05/06/2022, 4:06 PM

It's like the URL is incomplete. It's missing the stage in it.

Robert

05/06/2022, 4:07 PM

Well, I am assuming the stage should be part of it, but maybe I am wrong here

Frank

05/06/2022, 4:31 PM

Hey @Robert, there seems to be a couple of things going on there. If you want to share ur screen, I can get it to work for u, and answer any questions you might have. Let me know 😄

Robert

05/06/2022, 4:58 PM

Hey @Frank! Sure thing if you've got some time I can share my screen anytime. Just let me know, until then I'll keep searching 😄

Frank

05/06/2022, 5:02 PM

I can do now.. DMing u a zoom link

4 Views

Open in Slack

Previous Next