cgauge / Flask-AWSCognito

Extension for Flask that adds support for AWSCognito into your application
https://flask-awscognito.readthedocs.io
MIT License

How are you consuming the access token in the frontend? #4

Closed devireds closed 4 years ago

devireds commented 4 years ago

Hello,

I am a beginner in Python and Flask and trying to build an application. I am using Cognito in my app and using the "from flask_awscognito import AWSCognitoAuthentication" library similar to yours. I came across your profile from the AWSCognitoAuthentication repo link and have a few questions about the app.

  1. How are you consuming the access token in the front end?
  2. I tried to redirect to an S3 static HTML page with set.cookie, but the cookie disappears after the redirection. Can you please help me with this part?
  3. Are you redirecting to API Gateway or S3 static page (AWS_COGNITO_REDIRECT_URL)?

babaMar commented 4 years ago

Hello,

Our architecture is slightly more distributed and there are more backend services serving the frontend. I understand your concerns, but unfortunately the Flask App in our case is not the one providing the token to the frontend. The Flask App where we use this plugin assumes requests are authenticated with the token in the request header, so it's actually the other way around: the Flask App consumes the token in the header after validating the signature to make sure the request is authenticated.

About your questions:

  1. The frontend gets the token from another backend service and includes the token in the header for the Flask App request.
  2. Sorry but I'm afraid this problem would require some time, which I don't really have.
  3. It redirects to yet another backend service, neither API Gateway nor S3 static page. This parameter is included in the request to get the sign-in URL.

Make sure you go through the scenarios first.
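
The consuming side described in the reply above (token arrives in the request header, signature is validated before the request is trusted), as an added example that is not part of this thread or of Flask-AWSCognito's code. It uses only the standard library so it runs offline; the `jwks` mapping of `kid` to `(n, e)`, the demo key and `sign_demo_token` are assumptions standing in for the user pool's published keys and the issuing service, and a deployed app would rely on the extension or a maintained JWT library instead.

```python
import base64, hashlib, hmac, json, time

# ASN.1 DigestInfo prefix for SHA-256 in PKCS#1 v1.5 signatures (RFC 8017, 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def encoded_digest(message, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message) for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_access_token(auth_header, jwks, issuer, client_id, now=None):
    """Return the claims of a valid bearer access token, else raise ValueError."""
    scheme, _, token = auth_header.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("malformed Authorization header")
    head, body, sig = token.split(".")
    header = json.loads(b64d(head))
    if header.get("alg") != "RS256":      # pin the algorithm, never take it on trust
        raise ValueError("unexpected alg")
    if header.get("kid") not in jwks:     # assumption: jwks maps kid -> (n, e)
        raise ValueError("unknown kid")
    n, e = jwks[header["kid"]]
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(b64d(sig), "big")
    want = encoded_digest(f"{head}.{body}".encode(), k)
    if s >= n or not hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), want):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))       # claims are read only after the signature holds
    now = time.time() if now is None else now
    if claims.get("iss") != issuer or claims.get("token_use") != "access":
        raise ValueError("wrong issuer or token_use")
    if claims.get("client_id") != client_id or claims.get("exp", 0) <= now:
        raise ValueError("wrong client_id or expired")
    return claims

# Constructed demo key built from two well-known primes: insecure, example only.
P, Q, E = 2**255 - 19, 2**256 - 2**32 - 977, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def sign_demo_token(claims, kid="demo-kid"):
    """Stand-in for the issuing service so the example runs offline."""
    head = b64e(json.dumps({"alg": "RS256", "kid": kid}).encode())
    body = b64e(json.dumps(claims).encode())
    m = int.from_bytes(encoded_digest(f"{head}.{body}".encode(), 64), "big")
    return f"{head}.{body}." + b64e(pow(m, D, N).to_bytes(64, "big"))
```

The `token_use` check is what stops an ID token from being accepted where an access token is expected, and the `client_id` check rejects tokens issued to a different app client in the same user pool.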