Reputation: 379
I'm trying to create a user record in ddb for Cognito users once they confirm their registration. I wish to use the (federated) identity id of the user as the primary key.
However, the identity id is not available in the postConfirmation lambda trigger. In fact, the identity id is not available until the user authenticates with their access token. I guess this makes sense given that Cognito user pools are a provider, like Facebook and Google. You wouldn't create an identity until they log in with that provider.
Unlike Facebook and Google, there is no OAuth callback to hit to create a record when signing into a Cognito user pool. The user just signs in like so:
```javascript
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        console.log('access token + ' + result.getAccessToken().getJwtToken());
        AWS.config.credentials = new AWS.CognitoIdentityCredentials({
            IdentityPoolId: self.IdentityPoolId,
            Logins: {
                [`cognito-idp.${self.region}.amazonaws.com/${self.poolData.UserPoolId}`]: result.getIdToken().getJwtToken()
            }
        });
        console.log("AuthService: set the AWS credentials - " + JSON.stringify(AWS.config.credentials));
        self.currentUser = cognitoUser;
        cb(null, result);
    },
    onFailure: function(err) {
        console.log(err);
        cb(err, null);
    }
});
```
Only then is the identity id created. What is then the standard way to implement creating a user record? Is it standard to create the record when the user first signs in?
Upvotes: 2
Views: 1458
Reputation: 5775
There are a few ways you could do this, I think. One might be to use the sub value as the key instead of the identity id. It's given to a user on creation, and is globally unique (like identity id). If you go this route, your thought about using the postConfirmation callback is great.
If you really want identity id (which you might if you have other AWS resources to access and want to access them), then I might just recommend building your own hook into the onSuccess block there. Check if a row for that identity id exists, and do nothing if so. If not, create it. Does that make sense for your use case? Or are there more wrinkles?
Upvotes: 2
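The "create the row only if it does not exist" hook suggested in the answer, as an added example that is not code from either post: a single conditional put makes the check and the create one atomic request, so two concurrent sign-ins cannot both create or overwrite the record. It assumes the AWS SDK for JavaScript v2 used in the question and a hypothetical table whose partition key is named `identityId`; the function names and the in-memory client are constructed for illustration.

```javascript
// Added example. Assumptions: AWS SDK for JavaScript v2, hypothetical table keyed on `identityId`.

// The identity id is only populated once the Cognito credentials have been fetched.
function resolveIdentityId(credentials) {
  return new Promise((resolve, reject) => {
    credentials.get((err) => (err ? reject(err) : resolve(credentials.identityId)));
  });
}

// Conditional put: DynamoDB rejects the write if an item with this key already exists.
// identityId is spread last so caller-supplied profile fields cannot override the key.
function buildCreateUserParams(tableName, identityId, profile) {
  return {
    TableName: tableName,
    Item: { ...profile, identityId, createdAt: new Date().toISOString() },
    ConditionExpression: 'attribute_not_exists(identityId)',
  };
}

// Returns 'created' on first sign-in and 'exists' on every later one.
async function ensureUserRecord(docClient, tableName, identityId, profile) {
  try {
    await docClient.put(buildCreateUserParams(tableName, identityId, profile)).promise();
    return 'created';
  } catch (err) {
    if (err.code === 'ConditionalCheckFailedException') return 'exists';
    throw err; // access denied, throttling, etc. must surface, not be swallowed
  }
}

// Constructed in-memory stand-in for AWS.DynamoDB.DocumentClient so the example runs offline.
function makeFakeDocClient() {
  const rows = new Map();
  return {
    rows,
    put(params) {
      return {
        promise: async () => {
          const key = params.Item.identityId;
          if (params.ConditionExpression && rows.has(key)) {
            throw Object.assign(new Error('The conditional request failed'),
              { code: 'ConditionalCheckFailedException' });
          }
          rows.set(key, params.Item);
          return {};
        },
      };
    },
  };
}
```

In the `onSuccess` handler this would be called as `resolveIdentityId(AWS.config.credentials)` followed by `ensureUserRecord(new AWS.DynamoDB.DocumentClient(), ...)`. Because the write comes from the client, the identity pool's authenticated role should restrict `dynamodb:PutItem` with a `dynamodb:LeadingKeys` condition on `${cognito-identity.amazonaws.com:sub}` so a user can only create the row for their own identity id.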