@webiny/api-security-okta

@webiny/api-security-cognito

A plugin that enables Amazon Cognito based authentication in @webiny/handler handlers.

Install

npm install --save @webiny/api-security @webiny/api-security-cognito

Or if you prefer yarn:

yarn add @webiny/api-security @webiny/api-security-cognito

Quick Example

The set up process consists only of a single step, and that's adding the plugins in your handler:

import { createHandler } from "@webiny/handler-aws";
import graphqlPlugins from "@webiny/handler-graphql";
import logsPlugins from "@webiny/handler-logs";
import securityPlugins, { SecurityIdentity } from "@webiny/api-security";
import cognitoAuthenticationPlugins from "@webiny/api-security-cognito";

// Imports plugins created via scaffolding utilities.
import scaffoldsPlugins from "./plugins/scaffolds";

const debug = process.env.DEBUG === "true";

export const handler = createHandler({
  plugins: [
    securityPlugins(),
    cognitoAuthenticationPlugins({
      region: process.env.COGNITO_REGION,
      userPoolId: process.env.COGNITO_USER_POOL_ID,
      identityType: "user"
    }),
    logsPlugins(),
    graphqlPlugins({ debug }),
    scaffoldsPlugins()
  ],
  debug
});

With all the plugins in place, you should be able to retrieve the current identity in your handler application code, via the context.security object:

const identity = context.security.getIdentity();