Folks, need some guidance on custom authentication with cognito.
First challenge should be PASSWORD_VERIFIER.
I kick off with my a initiate auth lambda using
client.admin_initiate_auth(UserPoolId=USER_POOL_ID,ClientId=CLIENT_ID, AuthFlow= 'CUSTOM_AUTH',...
Thereafter I call the define challenge lambda returning PASSWORD_VERIFIER challenge to my "initiate auth" lambda as follows:
if len(event["request"]["session"]) == 0:
event["response"]["issueTokens"] = False;
event["response"]["failAuthentication"] = False;
event["response"]["challengeName"] = 'PASSWORD_VERIFIER';
#...
return event
Now I have some diffficulties. What is next logical step? somehow I need to return to the user and ask for username and password I guess and therafter validate it...but how I need to do that?
I assume I re-execute my initiation lambda and add the new session and again call admin_initiate_auth with the extended session object. is that correct?
if so, how can i validate the username/password therafter in the verify challenge lambda? I dont see any method in the documentation that says validate username/password.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…