Skip to content
This repository has been archived by the owner on Feb 24, 2018. It is now read-only.

Python pres signup cognito trigger #633

Open
randhawp opened this issue Dec 24, 2017 · 7 comments
Open

Python pres signup cognito trigger #633

randhawp opened this issue Dec 24, 2017 · 7 comments

Comments

@randhawp
Copy link

Did anyone get the pre-sgnup code in python working ?
I always get the error InvalidLambdaResponseException: Unrecognizable lambda output

Not able to figure out what the response should be.

Any pointers will be helpful

@itrestian
Copy link
Contributor

You can try debugging from the lambda console and printing out the input/output shapes.

@twall
Copy link

twall commented Jan 11, 2018

It is unclear from the documentation how to deny a registration request in Python. The elements used in the JavaScript example (callback, context.done()) are not available in the Python context.

For Python, the lambda output must be the event argument passed in to the function (this is not documented anywhere).

@randhawp
Copy link
Author

randhawp commented Jan 12, 2018

To do any kind of processing on the registration process, you will need to link lambda functions from the cognito triggers section in the user pool. You will find triggers for Pre sign-up , pre-authentication etc.
The next section to focus on is the attributes, which you can use for filtering in your registration process.
You can also create custom attributes.
Once that is done, you can pass the attributes from your client side javascript to the lambda function. The lambda function for python 3.6 will look as follows:

import json
def lambda_handler(event, context):
   
    ALLOWED_DOMAIN = "@cloudm.ca"
    data = json.dumps(event)
    y = json.loads(data)
    email = y['request']['userAttributes']['email']  # this must be passed in the attributes from js client
    domain = email[ email.find("@") : ]
    if domain == ALLOWED_DOMAIN:
        # enable below to bypass confirming email by the user
        # which is not a good idea
        #y['response']['autoConfirmUser'] = True
        #y['response']['autoVerifyEmail'] = True
        return y
    else:
        return None
   
    return y; #must return this as this is a pipeline, the next process must get this

@ispulkit
Copy link

@randhawp What is data here? Also, I get: expected string or buffer error when I run json.loads on event.

@randhawp
Copy link
Author

data = json.dumps(event)

@theladyjaye
Copy link

How do you deny it? Just raise an exception?

raise Exception("something bad happened")

And for it to succeed you just return the event?

return event

@randhawp
Copy link
Author

return a None if it fails and if it succeeds then pass the event data. See example above. You can also use a post trigger to then handle the event data, for example adding it in your table for providing role based access to your application or some other custom logic. The important point is that the event data must be returned for the cognito pipeline to propagate to the the end.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants