How to login with AWS Cognito without using native SDK
Solution 1
You can implement a backend service to validate Cognito credentials.
In this approach, you can implement a login screen in the mobile app which sends the user credentials to the backend. In the backend you can verify the credentials using Cognito SDK and issue a token that will be sent for subsequent API requests from mobile app.
You can use AWS API Gateway and Lambda to implement this.
For example refer this to implement a NodeJS backend.
Solution 2
You can try the amazon_cognito_identity_dart package which is written purely in Dart.
import 'package:amazon_cognito_identity_dart/cognito.dart';
final userPool = new CognitoUserPool(
'ap-southeast-1_xxxxxxxxx', 'xxxxxxxxxxxxxxxxxxxxxxxxxx');
final cognitoUser = new CognitoUser(
'[email protected]', userPool);
final authDetails = new AuthenticationDetails(
username: '[email protected]', password: 'Password001');
CognitoUserSession session;
try {
session = await cognitoUser.authenticateUser(authDetails);
} on CognitoUserException catch (e) {
// handle CognitoUser exceptions
} catch (e) {
print(e);
}
print(session.isValid());
See the Example Secure Counter App to get ideas on how to use it with Flutter.
Disclaimer: I am the original author of the package.
haz
Updated on December 04, 2022Comments
-
haz over 1 year
I want to authenticate my users using Cognito, for an app built in Flutter and Dart.
Unfortunately native AWS SDKs don't exist for Dart, and I can't use JS interop in Flutter.
I've looked at the OAuth2 flow, but that requires my users to be redirected to a login form, which isn't great for a mobile app.
What are the alternatives?
-
haz about 6 yearsIs it okay for me to send username/password information over the network? That feels insecure.
-
Ashan about 6 yearsAPI Gateway uses SSL to encrypt data at transit.
-
TemporaryFix over 5 yearsthe example in that link is a client side example. There are no examples of getting the current user through a session token. Would you suggest storing the whole cognito user object client side and sending that for every request?
-
Ashan over 5 yearsThe sample code given could be also used in server side for a node js backend. if you pass the credentials to the server side and use signup or authenticateUser methods it should work.
-
Christine about 5 yearsStep by step instructions here: medium.com/@wesselsbernd/…