在AWS体系中,Cognito用于事先用户注册/认证/授权等操作,下面介绍如何在serverless中创建对应的Cognito User Pool。
cognito模块
增加文件cognito.yml:
Resources:
CognitoUserPool:
Type: AWS::Cognito::UserPool
Properties:
UserPoolName: ${self:custom.cognito.userPoolName}
UsernameAttributes:
- email
AutoVerifiedAttributes: ["email"]
UsernameConfiguration:
CaseSensitive: false
AccountRecoverySetting:
RecoveryMechanisms:
- Name: verified_email
Priority: 1
VerificationMessageTemplate:
DefaultEmailOption: CONFIRM_WITH_LINK
EmailMessageByLink: "Please click on the following link to verify: {##Verify Email##}"
EmailSubjectByLink: lCoding user registration
Policies:
PasswordPolicy:
MinimumLength: 12
RequireUppercase: true
RequireLowercase: true
RequireNumbers: true
RequireSymbols: true
CognitoUserPoolClient:
Type: AWS::Cognito::UserPoolClient
Properties:
ClientName: ${self:custom.cognito.userPoolClientName}
UserPoolId:
Ref: CognitoUserPool
ExplicitAuthFlows:
- ADMIN_NO_SRP_AUTH
AccessTokenValidity: 10
IdTokenValidity: 10
RefreshTokenValidity: 180
TokenValidityUnits:
AccessToken: minutes
IdToken: minutes
RefreshToken: days
GenerateSecret: false进一步的配置
需要注意,在创建了Cognito User Pool之后,还需要创建App对应的Domain,才能使得Cognito用户注册正常工作:
