Nest.js 与 AWS Cognito,如何访问用户属性
Posted
技术标签:
【中文标题】Nest.js 与 AWS Cognito,如何访问用户属性【英文标题】:Nest.js with AWS Cognito, How to get access to the user attributes 【发布时间】:2021-11-27 08:28:08 【问题描述】:我创建了 Nest.js 应用。我使用 AWS Cognito 来管理用户身份验证和授权。我使用 amazon-cognito-identity-js 来处理用户登录/注销和 @nestjs/passport / @UseGuards(AuthGuard('jwt')) strong> 用于验证路由的令牌和用户访问权限。 现在我需要访问应用程序其他路由中的当前用户属性(电子邮件、电话号码...)。最好的方法是什么?
auth.service.ts
import AuthConfig from './auth.config';
import Injectable from '@nestjs/common';
import
AuthenticationDetails,
CognitoUser,
CognitoUserPool,
CognitoUserAttribute,
from 'amazon-cognito-identity-js';
@Injectable()
export class AuthService
private userPool: CognitoUserPool;
private sessionUserAttributes: ;
constructor(private readonly authConfig: AuthConfig)
this.userPool = new CognitoUserPool(
UserPoolId: this.authConfig.userPoolId,
ClientId: this.authConfig.clientId,
);
registerUser(registerRequest:
name: string;
email: string;
password: string;
)
const name, email, password = registerRequest;
return new Promise((resolve, reject) =>
return this.userPool.signUp(
name,
password,
[new CognitoUserAttribute( Name: 'email', Value: email )],
null,
(err, result) =>
if (!result)
reject(err);
else
resolve(result.user);
,
);
);
authenticateUser(user: name: string; password: string )
const name, password = user;
const authenticationDetails = new AuthenticationDetails(
Username: name,
Password: password,
);
const userData =
Username: name,
Pool: this.userPool,
;
const newUser = new CognitoUser(userData);
return new Promise((resolve, reject) =>
return newUser.authenticateUser(authenticationDetails,
onSuccess: (result) =>
resolve(result);
,
onFailure: (err) =>
reject(err);
,
);
);
jwt.strategi.ts
import ExtractJwt, Strategy from 'passport-jwt';
import PassportStrategy from '@nestjs/passport';
import Injectable from '@nestjs/common';
import AuthService from './auth.service';
import passportJwtSecret from 'jwks-rsa';
import AuthConfig from './auth.config';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy)
constructor(
private readonly authService: AuthService,
private authConfig: AuthConfig,
)
super(
secretOrKeyProvider: passportJwtSecret(
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `$authConfig.authority/.well-known/jwks.json`,
),
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
audience: authConfig.clientId,
issuer: authConfig.authority,
algorithms: ['RS256'],
);
public async validate(payload: any)
return !!payload.sub;
app.controller.ts
import Controller, Get, UseGuards, Header from '@nestjs/common';
import AppService from './app.service';
import AuthGuard from '@nestjs/passport';
@Controller()
export class AppController
constructor(private readonly appService: AppService)
@Get()
@UseGuards(AuthGuard('jwt'))
@Header('Content-Type', 'text/html')
getHello(): string
return this.appService.getHello();
【问题讨论】:
【参考方案1】:user
在护照成功验证用户身份时被设置为请求的属性。
然后访问控制器和用户属性中的request can be injected。
import Controller, Get, UseGuards, Header, Request from '@nestjs/common';
import AppService from './app.service';
import AuthGuard from '@nestjs/passport';
@Controller()
export class AppController
constructor(private readonly appService: AppService)
@Get()
@UseGuards(AuthGuard('jwt'))
@Header('Content-Type', 'text/html')
getHello(@Request() req): string
console.log(req.user);
return this.appService.getHello();
【讨论】:
? 谢谢您,先生!只是不要忘记从验证乐趣中返回用户对象export class JwtStrategy extends PassportStrategy(Strategy) .... public async validate(payload: any) return payload;
随时更新答案。以上是关于Nest.js 与 AWS Cognito,如何访问用户属性的主要内容,如果未能解决你的问题,请参考以下文章
AWS Cognito 与 django 休息框架反应 js?
将 Cognito 中的用户信息与 AWS Amplify GraphQL 关联
将Cognito的用户信息与AWS Amplify GraphQL关联起来。