Cognito - Amplify Auth Component
About
Auth is a sub-component (called a category) of the amplify library and is a wrapper around amazon-cognito-identity-js
- All methods are available in the Auth class.
Articles Related
Prerequisites
Installation
- If you only need to use Auth component of amplify
yarn add @aws-amplify/auth
# with npm
npm install @aws-amplify/auth
info All dependencies
├─ @aws-amplify/[email protected]
├─ @aws-amplify/[email protected]
├─ [email protected]
├─ [email protected]
├─ [email protected]
├─ [email protected]
├─ [email protected]
└─ [email protected]
- Otherwise: amplify installation
yarn add aws-amplify
Configuration
In the app (preferably at the root level), configure Amplify. More amplify configuration
With the Cli
- Add auth with the Aws - Amplify Cli
amplify add auth
amplify push
- Use the created aws-exports conf file in your code
import Amplify, { Auth } from 'aws-amplify';
import awsmobile from './aws-exports';
Amplify.configure(awsmobile);
Manually
- with Auth
import Auth from '@aws-amplify/auth';
Auth.configure(
// Se below for a full list of properties
identityPoolId: 'XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab',
region: 'XX-XXXX-X',
);
// You can get the current config object
const currentConfig = Auth.configure();
- or with the Amplify object
import Amplify from '@aws-amplify/core';
// or
// import Amplify from 'aws-amplify';
Amplify.configure({
Auth: {
// REQUIRED only for Federated Authentication - Amazon Cognito Identity Pool ID
identityPoolId: 'XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab',
// REQUIRED - Amazon Cognito Region
region: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito Federated Identity Pool Region
// Required only if it's different from Amazon Cognito Region
identityPoolRegion: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito User Pool ID
userPoolId: 'XX-XXXX-X_abcd1234',
// OPTIONAL - Amazon Cognito Web Client ID (26-char alphanumeric string)
userPoolWebClientId: 'a1b2c3d4e5f6g7h8i9j0k1l2m3',
// OPTIONAL - Enforce user authentication prior to accessing AWS resources or not
mandatorySignIn: false,
// OPTIONAL - Configuration for cookie storage
// Note: if the secure flag is set to true, then the cookie transmission requires a secure protocol
cookieStorage: {
// REQUIRED - Cookie domain (only required if cookieStorage is provided)
domain: '.yourdomain.com',
// OPTIONAL - Cookie path
path: '/',
// OPTIONAL - Cookie expiration in days
expires: 365,
// OPTIONAL - Cookie secure flag
// Either true or false, indicating if the cookie transmission requires a secure protocol (https).
secure: true
},
// OPTIONAL - customized storage object
storage: new MyStorage(),
// OPTIONAL - Manually set the authentication flow type. Default is 'USER_SRP_AUTH'
authenticationFlowType: 'USER_PASSWORD_AUTH'
}
});
Use case
https://aws-amplify.github.io/docs/js/authentication#common-authentication-use-cases
Sign-up
import Auth from '@aws-amplify/auth';
Auth.signUp({
username: 'AmandaB',
password: 'MyCoolPassword1!',
attributes: {
email: '[email protected]'
}
});
Sign-in
Sign-out
// With only the auth module
import Auth from '@aws-amplify/auth';
// or by using the bundled amplify
// import { Auth } from 'aws-amplify';
Auth.signOut()
.then(data => console.log(data))
.catch(err => console.log(err));
// By doing this, you are revoking all the auth tokens(id token, access token and refresh token)
// which means the user is signed out from all the devices
// Note: although the tokens are revoked, the AWS credentials will remain valid until they expire (which by default is 1 hour)
Auth.signOut({ global: true })
.then(data => console.log(data))
.catch(err => console.log(err));
Token Storage
https://aws-amplify.github.io/docs/js/authentication#common-authentication-use-cases
React
See Cognito - React