ember-aws-cognito
This addon adds capability to use Cognito authentication for protecting private pages. It is built on top of the code provided by Amazon on https://github.com/aws-samples/aws-serverless-ember
Installation
Installation of the addon is done the usual way
ember install ember-aws-cognito
Usage
Once install, you then need to play the included blueprint to update your project file adding :
- AWS variables in 'environnement.js'
The standard cognito-login template uses a component based on bootstrap
{{#login-cognito-bootstrap}}Bootstrap Login with Cognito{{/login-cognito-bootstrap}}
This is the only component provided at the time being by this addon.
Once all this done, you can add a private page by adding to its route the following code :
authentication: Ember.inject.service(),
beforeModel() {
var auth = this.get('authentication');
if (!auth.authenticated) {
this.transitionTo('cognito-login');
}
},
AWS Cognito configuration
The Cognito User pool should be correctly set up to allow autehntication of the users.
Here is a sample for CloudFormation setup. Note that the field 'Parameters.AppClientName.Default' and Resources.CognitoUserPool.Properties.UserPoolName' should be updated to fit your current project.
AWSTemplateFormatVersion: '2010-09-09'Description: Ember Cognito APIParameters: AppClientName: Type: String Default: "SimpleAWSWebClient" Description: "Cognito user pools app client name"Resources: CognitoUserPool: Type: AWS::Cognito::UserPool Properties: UserPoolName: SimpleAWSCognito AutoVerifiedAttributes: - "email" CognitoUserPoolClient: Type: AWS::Cognito::UserPoolClient DependsOn: CognitoUserPool Properties: ClientName: !Ref AppClientName UserPoolId: !Ref CognitoUserPool GenerateSecret: false CognitoIdentityPool: Type: AWS::Cognito::IdentityPool Properties: AllowUnauthenticatedIdentities: true CognitoIdentityProviders: - ClientId: !Ref CognitoUserPoolClient ProviderName: !GetAtt CognitoUserPool.ProviderName CognitoIdentityPoolRoles: Type: AWS::Cognito::IdentityPoolRoleAttachment DependsOn: CognitoIdentityPool Properties: IdentityPoolId: !Ref CognitoIdentityPool Roles: authenticated: !GetAtt AuthenticatedRole.Arn unauthenticated: !GetAtt UnauthenticatedRole.Arn UnauthenticatedRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Federated: cognito-identity.amazonaws.com Action: sts:AssumeRoleWithWebIdentity Condition: StringEquals: cognito-identity.amazonaws.com:aud: !Ref CognitoIdentityPool ForAnyValue:StringLike: cognito-identity.amazonaws.com:amr: unauthenticated Policies: - PolicyName: SimpleAWSUnauthenticatedApi PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - mobileanalytics:PutEvents - cognito-sync:* Resource: - "*" AuthenticatedRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Federated: cognito-identity.amazonaws.com Action: sts:AssumeRoleWithWebIdentity Condition: StringEquals: cognito-identity.amazonaws.com:aud: !Ref CognitoIdentityPool ForAnyValue:StringLike: cognito-identity.amazonaws.com:amr: authenticatedOutputs: CognitoIdentityPoolId: Description: Cognito Identity Pool ID Value: !Ref CognitoIdentityPool CognitoUserPoolsId: Description: Cognito User Pools ID Value: !Ref CognitoUserPool CognitoUserPoolsClientId: Description: Cognito User Pools App Client ID Value: !Ref CognitoUserPoolClient
Once this configuration is done, the following variables located in 'config/environment.js' should be set up wiuth the correct values :
- ENV.AWS_REGION : Amazon region to use
- ENV.AWS_POOL_ID : Pool Id
- ENV.AWS_USER_POOL_ID
- ENV.AWS_CLIENT_ID
Contributing
Installation
git clone <repository-url>
cd ember-aws-cognito
npm install
Linting
npm run lint:js
npm run lint:js -- --fix
Running tests
ember test
– Runs the test suite on the current Ember versionember test --server
– Runs the test suite in "watch mode"ember try:each
– Runs the test suite against multiple Ember versions
Running the dummy application
ember serve
- Visit the dummy application at http://localhost:4200.
For more information on using ember-cli, visit https://ember-cli.com/.
License
This project is licensed under the MIT License.