Integrate with AWS Cognito

[jhechtf]

This way we can have a user login system.

This also puts the consideration of fleshing out a small api for the todos to use with Cognito tokens.

[jhechtf]

In doing some research I found an article by AWS that describes the process, unfortunately over the past few days it has been taken down.

In looking other places I found two libraries, both of which appear to be authored by Amazon

https://www.npmjs.com/package/amazon-cognito-auth-js https://www.npmjs.com/package/amazon-cognito-identity-js

It seems that each of these handles a different section of the authorization flow needed.

As well, an explanation of the Cognito authorization flow can be found at https://aws.amazon.com/blogs/mobile/understanding-amazon-cognito-user-pool-oauth-2-0-grants/

Making these notes here in case I end up taking more time to get back to this endeavor than working memory would allow.

[jhechtf]

After deciding to build a quick back-end, I think that it might be worth it to break out certain parts of the CDK build to a shared infrastructure package. Will look into it and check feasability.

The issue is that the front-end AppConfig needs the API Endpoint, but the API Endpoint (sam cli) needs information from the CognitoPool in order to add the authorizers.

[jhechtf]

Currently have parts of the infrastructure, namely the cognito pool, being built out in a shared infrastructure repo.

The issue is that with my decision to attempt to use appconfig in order to store the necessary information in the front-end largely for use at build time there's an issue where on a first run in an environment for the front-end there won't be an appconfig to pull. This will mean that (in the theoretical event) that this needs to expand to other AWS accounts we would have to manually build and deploy the front-end with a dummy config file, just so subsequent calls (through CI/CD) could use it.

I don't like that.

So, I'm largely nuking AppConfig in favor of pulling the information using the AWS CLI pre build time.

I am also going to be splitting out a lot of the component UI to another package; this was meant originally to be about showing an application, however silly and simple.

[jhechtf]

Also, as documentation, you don't need the libraries for what I mentioned above. We've found some success in getting cognito integrated by using parts of the amplify library.

The two libraries are named @aws-amplify/auth and @aws-amplify/core you can view an implementation of it through the hooks/cognito.ts file which is still in rough development -- trying to figure out how I want this to work exactly and looking up if anyone has any better implementations.