6

Using v1.10 of amazon-cognito-identity-js in the following nodeapp.

I have written the following: This call is made after the user registration has been confirmed and the email has been verified.

var AWS = require('aws-sdk');
var AWSCognito = require('amazon-cognito-identity-js');

router.post('/emailsignin', function(req, res, next) {
var email = req.body.email;
var pwd = req.body.password;

AWS.config.region = 'eu-west-1';
var poolData = {
  UserPoolId : AWS_USERPOOLID,
  ClientId : AWS_APPCLIENTID
};
var userPool = new AWS.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
var authenticationData = {
  Username : email,
  Password : pwd,
};
var authenticationDetails = new AWS.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
var userData = {
  Username : email,
  Pool : userPool
};
var cognitoUser = new AWS.CognitoIdentityServiceProvider.CognitoUser(userData);

cognitoUser.authenticateUser(authenticationDetails, {
  onSuccess: function (result) {
  },
  onFailure: function(err) {
 }
});

When authenticateUser is called, I get the "ReferenceError: navigator is not defined"

It looks like a browser call is being attempted inside the node server.

I had created a github issue on this and the recommendation was to refer to "jsbn": "^0.1.0", "sjcl": "^1.0.3", "amazon-cognito-identity-js": "^1.10.0", "aws-sdk": "^2.5.3"

I made the changes to the package versions. Unfortunately it did not work with this too. I have created a sample nodejs app which tries to authenticate using email id and password.

NB : The Cognito pool is setup with email as an alias. The user has been created, confirmed and email verified.

Source repo : https://github.com/prem911/cognito-nodejs

Any pointers on how to solve the "navigator not found"?

prem911
  • 266
  • 3
  • 16
  • Cognito is a service for _users_ to authenticate to AWS, not _servers_. This code should go on the client side. – erik258 Jan 03 '17 at 11:45
  • If that is the case, then is it bad to expose the aws user pool id and aws app client id in the client js file. I was able to do the federated identity auth from the server. Should this be also done from client? – prem911 Jan 03 '17 at 12:00
  • I think you should review how cognito works if you think exposing that info is bad. I don't think you understand it's primary value proposition. – erik258 Jan 03 '17 at 12:09
  • Thanks @DanFarrell, yes I need to review it. For the federated identity I m using passport and hence I get a valid session. I was exploring if the same could be extended for a user pool. – prem911 Jan 03 '17 at 12:33
  • 1
    @DanFarrell that is not true, Cognito can be used as server side of course, as documentation says, including mobile apps or even raw request with cURL or whatever – jamesjara Mar 20 '17 at 22:54
  • Credentials from cognito can be used to authenticate a request regardless of whether the application runs on the server or client side, true. But it only adds real value, in my mind, when you use it to align existing user profiles ( google, facebook, etc ) with your app on a per-user basis. Only in the relatively unusual case of a server having such an identity would it be a particularly good fit for cognito. – erik258 Mar 25 '17 at 15:36

1 Answers1

1

To save some googling time there is no fix for the above error at the time of writing this but there is a workaround:

AWS Cognito unauthenticated login error (window is not defined) [JS]

Tomas Dermisek
  • 778
  • 1
  • 8
  • 14