search

aws-samples / amazon-cognito-passwordless-auth

Passwordless authentication with Amazon Cognito: FIDO2 (WebAuthn, support for Passkeys), Magic Link, SMS OTP Step Up
Apache License 2.0
382 stars 70 forks source link

Dynamic require of \"stream\" is not supported #124

Closed nkhine closed 1 year ago

nkhine commented 1 year ago

Hello, I have an issue when trying to use a custom email as per the docs, https://github.com/aws-samples/amazon-cognito-passwordless-auth/blob/main/CUSTOMIZE-AUTH.md#customize-auth, here is my stack:

...
    // 👇 Passwordless
    this.passwordless = new Passwordless(this, 'Passwordless', {
      userPool: this.userPool,
      allowedOrigins: [
        'http://localhost:5173',
        // ... other origins ...
      ],
      clientMetadataTokenKeys: ['consent_id'],
      magicLink: {
        // Adjust the sesFromAddress based on your setup
        sesFromAddress: props.sesFromAddress,
        sesRegion: region,
        secretsTableProps: {
          removalPolicy: RemovalPolicy.DESTROY,
          billingMode: BillingMode.PAY_PER_REQUEST,
        },
      },
      fido2: {
        authenticatorsTableProps: {
          removalPolicy: RemovalPolicy.DESTROY,
          billingMode: BillingMode.PAY_PER_REQUEST,
        },
        relyingPartyName: 'Passwordless Fido2 Example',
        allowedRelyingPartyIds: ['localhost'],
        attestation: 'none',
        userVerification: 'required',
        updatedCredentialsNotification: {
          sesFromAddress: props.sesFromAddress,
          sesRegion: region,
        },
      },
      smsOtpStepUp: {},
      userPoolClientProps: {
        // perrty short so you see token refreshes in action often:
        idTokenValidity: Duration.minutes(5),
        accessTokenValidity: Duration.minutes(5),
        refreshTokenValidity: Duration.hours(1),
        // while testing/experimenting it's best to set this to false,
        // so that when you try to sign in with a user that doesn't exist,
        // Cognito will tell you that––and you don't wait for a magic link
        // that will never arrive in your inbox:
        preventUserExistenceErrors: false,

      },
      functionProps: {
        createAuthChallenge: {
          // Override entry, to point to your custom code:
          entry: path.join(__dirname, "../../../src/lambda/workflow/create-auth-challenge/index.ts"),
        },
      },
      logLevel: 'DEBUG',
    })
...

Where index.ts is:

import { magicLink } from "amazon-cognito-passwordless-auth/custom-auth";

// Export the solution's handler to be the handler of YOUR Lambda function too:
export { createAuthChallengeHandler as handler } from "amazon-cognito-passwordless-auth/custom-auth";

// Calling configure() without arguments retrieves the current configuration:
const defaultConfig = magicLink.configure();

// Swap in your own logic:
magicLink.configure({
  async contentCreator({ secretLoginLink }) {
    return {
      html: {
        data: `<html><body><p>Your secret sign-in link: <a href="${secretLoginLink}">sign in</a></p>This link is valid for ${Math.floor(
          defaultConfig.secondsUntilExpiry / 60
        )} minutes<p></p></body></html>`,
        charSet: "UTF-8",
      },
      text: {
        data: `Your secret sign-in link: ${secretLoginLink}`,
        charSet: "UTF-8",
      },
      subject: {
        data: "Your secret sign-in link",
        charSet: "UTF-8",
      },
    };
  },
});

But I get the following error:

{
    "errorType": "Error",
    "errorMessage": "Dynamic require of \"stream\" is not supported",
    "stack": [
        "Error: Dynamic require of \"stream\" is not supported",
        "    at file:///var/task/index.mjs:12:9",
        "    at node_modules/cbor/lib/commented.js (file:///var/task/index.mjs:2240:18)",
        "    at __require2 (file:///var/task/index.mjs:15:50)",
        "    at node_modules/cbor/lib/cbor.js (file:///var/task/index.mjs:3851:25)",
        "    at __require2 (file:///var/task/index.mjs:15:50)",
        "    at file:///var/task/index.mjs:5655:27",
        "    at ModuleJob.run (node:internal/modules/esm/module_job:194:25)"
    ]
}

Disabling it, the email works without issue.

Any advice is much appreciated

ottokruse commented 1 year ago

Hi! I believe the "Dynamic require of \"stream\" is not supported" can be solved by adding a banner to your bundling options:

bundling: {
  ..., // other bundling options
  banner: "import{createRequire}from 'module';const require=createRequire(import.meta.url);"
}
ottokruse commented 1 year ago

There's an open issue at esbuild for this but I don't have a link to it handy

nkhine commented 1 year ago

Hi @ottokruse , I got the https://github.com/aws-samples/amazon-cognito-passwordless-auth/issues/90, and that fixed it. thanks