 

Sending message from Cognito triggers

I want to restrict user sign-ins from the Cognito hosted UI. I can see there are triggers to which we can attach a Lambda, but whenever I change the event object inside the Lambda, instead of getting my custom message User exceeded limits, I get an unrecognizable lambda output error.

Can anyone help me with this, or is there any other way to achieve this functionality?

Now, I'm getting this Cognito error from the trigger

with this code:

exports.handler = (event, context, callback) => {
    if (true) {
        var error = new Error("Cannot signin because your signin count is 5");
        // Return error to Amazon Cognito and stop here, so the callback is not invoked a second time
        return callback(error, event);
    }
    // Return to Amazon Cognito
    callback(null, event);
};

But I don't want the prefix PreAuthentication failed with error; I just want to display my message.

Any help is appreciated.

asked Oct 17 '25 01:10

Smita Ahinave


1 Answer

Currently, there is no way to stop Cognito from adding the prefix because the form is a hosted web UI.

If this is a hard requirement, the workaround is to create your own login form and use the aws-cognito-sdk.

Once you make the call to cognitoUser.authenticateUser in the code below, the Pre authentication trigger will fire the Lambda function, and you will need to handle the error and parse it to remove the unwanted prefix.

Hope this helps.

AWS Examples: Using the JavaScript SDK

var authenticationData = {
    Username : 'username',
    Password : 'password',
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var poolData = {
    UserPoolId : 'us-east-1_TcoKGbf7n',
    ClientId : '4pe2usejqcdmhi0a25jp4b5sh3'
};
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
    Username : 'username',
    Pool : userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        var accessToken = result.getAccessToken().getJwtToken();

        /* Use the idToken for Logins Map when Federating User Pools with identity pools or when passing through an Authorization Header to an API Gateway Authorizer*/
        var idToken = result.idToken.jwtToken;
    },

    // Your message from the Lambda is returned here; parse err to remove the unwanted prefix
    onFailure: function(err) {
        // err is an object, so show its message text rather than the object itself
        alert(err.message || JSON.stringify(err));
    },

});
answered Oct 20 '25 00:10

Scott Douge
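
The answer above leaves the prefix parsing inside `onFailure` to the reader. One way to write it, as an added example that is not part of the original answer or of the AWS sample: `signInErrorMessage` and `GENERIC_MESSAGE` are hypothetical names, and the code assumes that trigger failures arrive with the code `UserLambdaValidationException` and that the message is the prefix quoted in the question followed by the Lambda's own text.

```javascript
// Added example, not from the original answer.
// Prefix quoted in the question; it sits in front of the Lambda's own message.
const PRE_AUTH_PREFIX = 'PreAuthentication failed with error';
// Hypothetical fallback text for errors that carry no usable message.
const GENERIC_MESSAGE = 'Sign-in failed.';

function signInErrorMessage(err) {
  const raw = err && typeof err.message === 'string' ? err.message.trim() : '';
  if (raw === '') {
    return GENERIC_MESSAGE;
  }
  // Assumption: trigger failures are reported with this code (or name).
  const code = err.code || err.name;
  const fromTrigger =
    code === 'UserLambdaValidationException' && raw.startsWith(PRE_AUTH_PREFIX);
  if (!fromTrigger) {
    // Not from the Pre authentication trigger: leave the message untouched,
    // even if some other error text happens to start with the same words.
    return raw;
  }
  const custom = raw.slice(PRE_AUTH_PREFIX.length).trim();
  // A trigger that threw an empty Error leaves nothing after the prefix.
  return custom === '' ? GENERIC_MESSAGE : custom;
}

// Constructed sample error objects (not captured from a real user pool).
const sampleTriggerError = {
  code: 'UserLambdaValidationException',
  message: 'PreAuthentication failed with error Cannot signin because your signin count is 5',
};
const samplePasswordError = {
  code: 'NotAuthorizedException',
  message: 'Incorrect username or password.',
};

console.log(signInErrorMessage(sampleTriggerError));
console.log(signInErrorMessage(samplePasswordError));

// In the answer's code this would be used as:
//   onFailure: function (err) { alert(signInErrorMessage(err)); }
```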