阅读背景:

AWS认知+我自己的身份解决方案使用DynamoDB?

来源:互联网 

Currently, I have a nodeJS API server that handles user authentication that I would like to continue using. I have an /authenticate endpoint that will authenticate users and return JWT that needs to be used for making authenticated API calls.

目前,我有一个nodeJS API服务器,用于处理我希望继续使用的用户身份验证。我有一个/authenticate端点,该端点将对用户进行身份验证并返回用于进行身份验证API调用的JWT。

I would like to use AWS Cognito + DynamoDB for user authentication going forward. However, I'm totally overwhelmed by the various ways in which I can do this. I have come up with the following 2 ways of doing this, but not sure which is better in the long term.

我想使用AWS Cognito + DynamoDB进行用户身份验证。然而,我完全被各种各样的方法所淹没。我想到了以下两种方法,但不确定哪一种从长远来看更好。

  1. Use API Gateway + Lambda. This way, I can create new users by interfacing with DynamoDB, and authenticate using Cognito. So far I've just tried to just do some basic things with API Gateway + Lambda + DynamoDB, but haven't touched Cognito yet. It seems with this method I can have more flexibility down the road.
  2. 使用API网关+ Lambda。通过这种方式,我可以通过与DynamoDB进行交互来创建新用户,并使用Cognito进行身份验证。到目前为止,我只是尝试用API Gateway + Lambda + DynamoDB做一些基本的事情,但还没有触及Cognito。似乎用这种方法我以后可以有更多的灵活性。
  3. Deploy my nodeJS application on AWS + API Gateway. Besides user authentication, I have about 8 other endpoints for other things. I feel like this method doesn't leverage many benefits of AWS but I can easily push new code and keep things running.
  4. 在AWS + API网关上部署nodeJS应用程序。除了用户身份验证之外,我还有其他8个端点。我觉得这个方法没有利用AWS的很多好处,但是我可以轻松地推出新代码并保持运行。

Or, is there another, better way? In summary, I have a REST API using nodeJS that I want to deploy on AWS but not sure the best way to do so. One of those endpoints is for authentication, while the others are all CRUD.

或者,还有更好的方法吗?总之,我有一个使用nodeJS的REST API,我想将其部署到AWS上,但不确定最好的方式。其中一个端点用于身份验证,而其他端点都是CRUD。

3 个解决方案

#1


1  

So if I understand you correctly you want to look at how you can continue using the JWT approach you have but use DynamoDB as the backing store and the cognito capabilities to help with all the auth etc?

如果我理解正确的话你想看看如何继续使用JWT方法但是使用DynamoDB作为后台存储和认知功能来帮助处理所有的auth等等?

Maybe have a look at how to use Lambda, Cognito and DynamoDB with your own user management scheme

也许可以看看如何使用Lambda、Cognito和DynamoDB来使用您自己的用户管理方案。

If you need any extra info just ask.

如果你需要任何额外的信息就问。

#2


1  

I found an example of how to use cognito + Javascript: https://docs.aws.amazon.com/amazondynamodb/latest/gettingstartedguide/GettingStarted.Js.Summary.html "Configure AWS Credentials in Your Files Using Amazon Cognito"

我找到了一个如何使用cognito + Javascript的例子:https://docs.aws.amazon.com/amazondynamodb/latest/gettingstartedguide/gettingstar.js.summary。

#3


0  

Another good example application for what you are describing is here: https://github.com/awslabs/aws-serverless-auth-reference-app

您所描述的另一个很好的示例应用程序是:https://github.com/awslabs/aws-serverless-auth-reference-app

It demonstrates, API-gateway, cognito, lamdda and dynamoDB working together for a room reservation application.

它演示了API-gateway、cognito、lamdda和dynamoDB为一个房间预订应用程序共同工作。


分享到: