Determine the Cognito-frontend-backend pipeline

Lifespark-Technologies / Infomed

Web portal that enables communication between hospitals and health authorities

MIT License

1 stars 1 forks source link

Determine the Cognito-frontend-backend pipeline #87

Open kaashmonee opened 4 years ago

kaashmonee commented 4 years ago

Currently, it's a bit ambiguous how Cognito will interact with the frontend and the backend.

I believe a very rough outline of what this should look is something like this:

User authenticates in Cognito
Backend receives user information from Cognito in the way of a JWT
The backend passes on the JWT to the frontend (?)

But I'm not certain if this is the case at all and should be investigated further.

https://github.com/labd/django-cognito-jwt

The tool above seems useful for our purposes as well, especially in boostrapping one of our user models with Cognito.

kaashmonee commented 4 years ago

I've tried to diagram a rough outline of how we expect this to work. But I'm primarily confused with how to update the user attributes on the Cognito side, especially if a Doctor user, for example, has more complicated attributes like a range of times when they're free. I'm also not sure exactly how Django would verify that the user making a request to an endpoint is authenticated and has appropriate permissions. I've indicated both of these in red.

Please feel free to contribute to this if anyone has any ideas. Thanks.

Django + Cognito + Frontend Pipeline

kaashmonee commented 4 years ago

A couple additional resources that might be helpful:

warrant: https://github.com/capless/warrant

Django Warrant: https://github.com/metametricsinc/django-warrant

Lifespark-Technologies commented 4 years ago

@devbhavikjain Thoughts?