User Sign-up using Amazon Cognito on GraphQL
The Cognito service from AWS simplifies the authentication process and makes it easy for developers to customize user management. The API provided by Cognito is built on the basis of the Oauth2 specification, which can serve all these needs. As of this writing, Cognito is already available for various mainstream web and mobile platforms. As of this writing, Cognito is already available for multiple mainstream web and mobile platforms. As explained in the previous paragraph, Cognito eliminates the need for managing databases to manage users. The solution offered is to add a “Secret key” from AWS users to access the resources that have been provided. Access granted from resources to AWS users will be granted via Cognito in the form of an “Identity Pool” which can also provide authentication from several external providers such as Facebook, Google, OpenId, etc. To be able to authenticate, Cognito requires an “Identity Pool” and a token obtained from amazon authentication itself. In addition, Cognito provides the flexibility to set what user details are required, and also control over sign up, sign in and password management is in the hands of the developer. More details on how to set AWS users to get the “Identity Pool” and “User Pool” are in this article by Suminda Niroshan.
If the User Pool Id, App Client, and Identity Pool have been obtained, let’s start implementing the use of Cognito for user registration. This project is used to create GraphqlAPI on NodeJS. To add an endpoint to graphql, the plugin used is graphql-compose-mongoose. Packages that need to be installed include:
“amazon-cognito-identity-js”Declare User Pool Id and Client Id that has been obtained into one object
Declare an empty list, then enter the user attribute into attributeList
Create a new variable to store the pool data and do the sign-up.
User Verification
Declare objects that contain user data
Verify user by inserting verificationCode when invoking confirmRegistration
Testing sign-up using Insomnia by accessing the GraphQL endpoint
Verification code on the registered email
Verification via GraphQL endpoint
Test login to make sure whether a verified user can have access can use the repo from the linked article or can be seen on this GitHub repo.
anyway, here’s a glimpse of how it looks like when logging in
So this article, hopefully, can help understand user sign-up with AWS Cognito, next will discuss the authentication process, in the meantime, see you soon
