search

awslabs / cognito-at-edge

Serverless authentication solution to protect your website or Amplify application
Apache License 2.0
191 stars 57 forks source link

Add additional handlers and CSRF protection #68

Closed vikas-reddy closed 1 year ago

vikas-reddy commented 1 year ago

Issue # (if available): https://github.com/awslabs/cognito-at-edge/issues/65 https://github.com/awslabs/cognito-at-edge/issues/66

Description of changes:

  1. Added additional handlers for signIn, parseAuth, refreshToken and signOut
  2. Added the ability to enable CSRF protection (csrfProtectionEnabled, disabled by default)
  3. Added the ability to enable and customize the uri for parseAuth handler
  4. Added a signOut handler that revokes tokens and clears cookies
  5. handle will now log user out if the request path matches the logoutUri param configured

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.