Skip to content

Commit

Permalink
Ability to update and re-verify email
Browse files Browse the repository at this point in the history
  • Loading branch information
amits97 committed Sep 18, 2023
1 parent 6bf909f commit d5ad915
Show file tree
Hide file tree
Showing 13 changed files with 458 additions and 163 deletions.
163 changes: 107 additions & 56 deletions api/account-service/post-login.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,75 +4,126 @@ import { syncRewriteFacebookUsername } from "../libs/username-lib";

exports.handler = (event, context, callback) => {
try {
const cognito = new AWS.CognitoIdentityServiceProvider({apiVersion: "2016-04-19", region: "ap-south-1"});
const cognito = new AWS.CognitoIdentityServiceProvider({
apiVersion: "2016-04-19",
region: "ap-south-1",
});

// Get email
let params = {
UserPoolId: config.cognito.USER_POOL_ID,
AttributesToGet: ['email'],
Filter: "username = \"" + event.userName + "\""
AttributesToGet: ["email"],
Filter: 'username = "' + event.userName + '"',
};
cognito.listUsers(params, (err, data) => {
if (err) {
event.listUsersError = err;
callback(null, event);
} else if (data != null && data.Users != null && data.Users[0] != null) {
const email = data.Users[0].Attributes[0].Value;
let allUsersWithEmailParams = {
UserPoolId: config.cognito.USER_POOL_ID,
AttributesToGet: ['email'],
Filter: "email = \"" + email + "\""
};
if (err) {
event.listUsersError = err;
callback(null, event);
} else if (data != null && data.Users != null && data.Users[0] != null) {
const email = data.Users[0].Attributes[0].Value;

let allUsersWithEmailParams = {
UserPoolId: config.cognito.USER_POOL_ID,
AttributesToGet: ["email"],
Filter: 'email = "' + email + '"',
};

cognito.listUsers(allUsersWithEmailParams, (err, data) => {
if (err) {
event.innerListUsersError = err;
callback(null, event);
} else if (data != null && data.Users != null) {
if (data.Users.length > 1) {
// Has connected atleast 1 federal auth provider
data.Users.forEach((user) => {
if (user.UserStatus === "CONFIRMED") {
/**
* Since the user is already email verified and FB attribute mapping
* overrides to false this code ensures that email_verified is not
* flipped to false.
* */
var params = {
UserAttributes: [{
cognito.listUsers(allUsersWithEmailParams, (err, data) => {
if (err) {
event.innerListUsersError = err;
callback(null, event);
} else if (data != null && data.Users != null) {
if (data.Users.length > 1) {
// Has connected atleast 1 federal auth provider
data.Users.forEach((user) => {
if (user.UserStatus === "CONFIRMED") {
/**
* Since the user is already email verified and FB attribute mapping
* overrides to false this code ensures that email_verified is not
* flipped to false.
* */
var params = {
UserAttributes: [
{
Name: "email_verified",
Value: "true"
}],
UserPoolId: config.cognito.USER_POOL_ID,
Username: user.Username
};

cognito.adminUpdateUserAttributes(params, function(err, data) {
Value: "true",
},
],
UserPoolId: config.cognito.USER_POOL_ID,
Username: user.Username,
};

cognito.adminUpdateUserAttributes(
params,
function (err, data) {
callback(null, event);
}
);
}
});
} else if (data.Users.length === 1) {
// Check if email_verified and retain value
allUsersWithEmailParams = {
UserPoolId: config.cognito.USER_POOL_ID,
AttributesToGet: ["custom:email_valid"],
Filter: 'email = "' + email + '"',
};

cognito.listUsers(allUsersWithEmailParams, (err, data) => {
if (err) {
syncRewriteFacebookUsername(
email,
() => {
callback(null, event);
},
(err) => {
event.syncRewriteFacebookUsernameError = err;
callback(null, event);
});
}
});
} else if (data.Users.length === 1) {
syncRewriteFacebookUsername(email, () => {
callback(null, event);
}, (err) => {
event.syncRewriteFacebookUsernameError = err;
callback(null, event);
});
}
}
);
} else {
const email_verified =
data.Users[0].Attributes[0].Value || "false";

const update_email_verified_params = {
UserAttributes: [
{
Name: "email_verified",
Value: email_verified,
},
],
UserPoolId: config.cognito.USER_POOL_ID,
Username: data.Users[0].Username,
};

callback(null, event);
} else {
callback(null, event);
cognito.adminUpdateUserAttributes(
update_email_verified_params,
function (err, data) {
syncRewriteFacebookUsername(
email,
() => {
callback(null, event);
},
(err) => {
event.syncRewriteFacebookUsernameError = err;
callback(null, event);
}
);
}
);
}
});
}
});
} else {
callback(null, event);
}
} else {
callback(null, event);
}
});
} else {
callback(null, event);
}
});
} catch (e) {
event.error = e;
callback(null, event);
}
}
};
76 changes: 41 additions & 35 deletions api/account-service/pre-signup.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,50 +7,52 @@ function createNativeAccountAndLink(cognito, context, event) {
const generatedUsername = event.request.userAttributes.email.split("@")[0];

const params = {
ClientId: config.cognito.APP_CLIENT_ID,
UserPoolId: config.cognito.USER_POOL_ID,
DesiredDeliveryMediums: [],
MessageAction: "SUPPRESS",
Username: generatedUsername,
Password: generatePassword(),
UserAttributes: [{
Name: 'email',
Value: event.request.userAttributes.email
}, {
Name: 'name',
Value: generatedUsername
}]
UserAttributes: [
{
Name: "email",
Value: event.request.userAttributes.email,
},
{
Name: "name",
Value: generatedUsername,
},
],
};

cognito.signUp(params, (err, data) => {
cognito.adminCreateUser(params, (err, data) => {
if (err) {
context.done(null, event);
return;
} else {
let confirmParams = {
UserPoolId: config.cognito.USER_POOL_ID,
Password: generatePassword(),
Username: generatedUsername,
UserAttributes: [{
Name: 'email_verified',
Value: 'true'
}]
Permanent: true,
};
cognito.adminUpdateUserAttributes(confirmParams, function() {
cognito.adminSetUserPassword(confirmParams, function () {
let emailConfirmParams = {
UserPoolId: config.cognito.USER_POOL_ID,
Username: generatedUsername
Username: generatedUsername,
};
cognito.adminConfirmSignUp(emailConfirmParams, function() {
cognito.adminConfirmSignUp(emailConfirmParams, function () {
let mergeParams = {
DestinationUser: {
ProviderAttributeValue: generatedUsername,
ProviderName: 'Cognito'
ProviderName: "Cognito",
},
SourceUser: {
ProviderAttributeName: 'Cognito_Subject',
ProviderAttributeName: "Cognito_Subject",
ProviderAttributeValue: event.userName.split("_")[1],
ProviderName: 'Facebook'
ProviderName: "Facebook",
},
UserPoolId: config.cognito.USER_POOL_ID
UserPoolId: config.cognito.USER_POOL_ID,
};
cognito.adminLinkProviderForUser(mergeParams, function() {
cognito.adminLinkProviderForUser(mergeParams, function () {
event.response.autoConfirmUser = true;
context.done(null, event);
});
Expand All @@ -67,34 +69,38 @@ exports.handler = (event, context) => {
try {
const cognito = new AWS.CognitoIdentityServiceProvider({
apiVersion: "2016-04-19",
region: config.cognito.REGION
region: config.cognito.REGION,
});

if (event.triggerSource.includes('ExternalProvider')) {
if (event.triggerSource.includes("ExternalProvider")) {
// Social login
let params = {
UserPoolId: config.cognito.USER_POOL_ID,
AttributesToGet: ['sub', 'email'],
Filter: "email = \"" + event.request.userAttributes.email + "\""
AttributesToGet: ["sub", "email"],
Filter: 'email = "' + event.request.userAttributes.email + '"',
};
cognito.listUsers(params, (err, data) => {
if (err) {
event.listUsersError = err;
context.done(null, event);
} else if (data != null && data.Users != null && data.Users[0] != null) {
} else if (
data != null &&
data.Users != null &&
data.Users[0] != null
) {
let mergeParams = {
DestinationUser: {
DestinationUser: {
ProviderAttributeValue: data.Users[0].Username,
ProviderName: 'Cognito'
ProviderName: "Cognito",
},
SourceUser: {
ProviderAttributeName: 'Cognito_Subject',
SourceUser: {
ProviderAttributeName: "Cognito_Subject",
ProviderAttributeValue: event.userName.split("_")[1],
ProviderName: 'Facebook'
ProviderName: "Facebook",
},
UserPoolId: config.cognito.USER_POOL_ID
UserPoolId: config.cognito.USER_POOL_ID,
};
cognito.adminLinkProviderForUser(mergeParams, function() {
cognito.adminLinkProviderForUser(mergeParams, function () {
context.done(null, event);
});
} else {
Expand All @@ -109,4 +115,4 @@ exports.handler = (event, context) => {
event.error = e;
context.done(null, event);
}
}
};
3 changes: 2 additions & 1 deletion api/account-service/serverless.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,8 @@ provider:
- cognito-idp:AdminUpdateUserAttributes
- cognito-idp:AdminConfirmSignUp
- cognito-idp:ListUsersInGroup
- cognito-idp:SignUp
- cognito-idp:AdminCreateUser
- cognito-idp:AdminSetUserPassword
Resource: "arn:aws:cognito-idp:ap-south-1:*:*"
- Effect: Allow
Action:
Expand Down
Loading

0 comments on commit d5ad915

Please sign in to comment.