Make SRP the default AuthN mechanism

amazon-archives / realworld-serverless-application

This project is inspired by the design and development of the AWS Serverless Application Repository - a production-grade AWS service. Learn how AWS built a production service using serverless technologies.

Apache License 2.0

515 stars 108 forks source link

Make SRP the default AuthN mechanism #50

Closed undefobj closed 4 years ago

undefobj commented 4 years ago

USER_PASSWORD_AUTH is set in this project: https://github.com/awslabs/realworld-serverless-application/blob/30a2cf044fb77c2ea0faf69d33a26281e2ab5480/static-website/src/config.js#L12

This shouldn't be used by default as it's used mostly for migrations and SRP should be the default which Amplify uses. I recommend removing this.

jlhood commented 4 years ago

Thanks for reporting this, @undefobj!

honglu commented 4 years ago

The fix has been merged