With Mockless Studio you can integrate AWS Cognito just by enabling the built-in Cognito plugin.
Once the plugin is enabled, you will be able to create complex authorization rules and, in the background, mockless will create the corresponding source code.
Prerequisites
This tutorial uses an already created Node.js project that was described on How to create a simple Blog API with Node.js in 30 minutes tutorial.
In case you are not familiar with Mockless Studio or you don’t have any Mockless projects yet, we encourage you to create your first project as we described here.
To successfully follow this tutorial you will have to have accounts on the following platforms:
Create the AWS Cognito user pool
The first step is to create a new AWS Cognito user poll. In case you are not familiar with AWS Cognito we encourage you to read the official documentation.
For this tutorial, we only need a basic configuration of Cognito just to have a valid Pool ID and an App Client Id so we can test our implementation.
Activating the AWS Cognito plugin on Mockless Studio
Once we have the Pool ID and the App Client Id, we can enable the AWS Cognito plugin in Mockless studio to start authorizing some API endpoints.
Activating the AWS Cognito plugin produces some side effects on multiple areas of Mockless Studio.
There will automatically create a new Cognito Instance that can be managed on Project Settings under the Configure section. Here you can manage the list of groups that you can use later on to better structure your user pools.
On the entities section, a new AccountUser entity will be created automatically that has all the required properties to be compatible with Cognito.
Most of the changes that you will see will be in the Routers section. Here are automatically created routers to easily manage your user pools as well as endpoints for user register, login, password confirms, password recovery, token renewal, etc.
Applying security rules to the REST endpoint
The endpoints can be customized from the Routers and Flows sections where you can set some specific endpoints and customize how the endpoint to behave based on the user group or role.
For example, you can hide some properties or prevent some entity properties to be set by specific groups.
Updating the environment
To be able to use the already created Cognito user pool on the Local environment, you have to update the environment and set the Pool ID and the App Client Id.
Testing the auth flow
After you pull the changes made by the Mockless Studio and rebuild your project, you will have all the new endpoints that you need to manage your users.
All the endpoints are listed and documented under the Routers section on Mockless studio.
How to register a new user?
curl \
--request POST \
--url http://localhost:3001/account/register \
--header 'Content-Type: application/json' \
--data '{"email":"STRING", "password":"STRING"}'
How to login?
curl \
--request POST \
--url http://localhost:3001/account/login \
--header 'Content-Type: application/json' \
--data '{"email":"STRING", "password":"STRING"}'
How to reset password?
curl \
--request POST \
--url http://localhost:3001/account/password/recover \
--header 'Content-Type: application/json' \
--data '{"email":"STRING"}'
How to renew JWT token?
curl \
--request POST \
--url http://localhost:3001/account/token/renew \
--header 'Content-Type: application/json' \
--header 'Authorization: $COGNITO_AUTH_TOKEN' \
--header 'IdToken: $COGNITO_ID_TOKEN' \
--data '{"refreshToken":"STRING"}'
How to add a new article?
curl \
--request POST \
--url http://localhost:3001/articles \
--header 'Content-Type: application/json' \
--header 'Authorization: $COGNITO_AUTH_TOKEN' \
--header 'IdToken: $COGNITO_ID_TOKEN' \
--data '{"title":"STRING", "summary":"STRING", "description":"STRING", "createdBy":"AccountUserId"}'