from flask import Flask, render_template, redirect, jsonify, request
from flask_awscognito import AWSCognitoAuthentication


application = Flask(__name__)

application.config['AWS_DEFAULT_REGION'] = 'eu-west-1' 
application.config['AWS_COGNITO_DOMAIN'] = 'https://xxxxxx.auth.eu-west-1.amazoncognito.com'  # secure
application.config['AWS_COGNITO_USER_POOL_ID'] = 'xxxxxx'   
application.config['AWS_COGNITO_USER_POOL_CLIENT_ID'] = 'xxxxxxx' 
application.config['AWS_COGNITO_USER_POOL_CLIENT_SECRET'] = 'xxxxxxx' 
application.config['AWS_COGNITO_REDIRECT_URL'] = 'http://localhost:5000/aws_cognito_redirect'


aws_auth = AWSCognitoAuthentication(application)


@application.route('/')
@aws_auth.authentication_required
def index():
    claims = aws_auth.claims 
    return jsonify({'claims': claims})


@application.route('/aws_cognito_redirect')
def aws_cognito_redirect():
    access_token = aws_auth.get_access_token(request.args)
    return jsonify({'access_token': access_token})


@application.route('/sign_in')
def sign_in():
    return redirect(aws_auth.get_sign_in_url())

After sign in it shows the token properly:


But now if I type http://localhost:5000/ on the browser it says there is no Token and I have no access to the claims:


Am I missing something? Thanks

Miguel Gonzalez
  • 2
    You're missing the part where your frontend includes the token in the authorization header for requests to Flask with the access token you just got. By default it's completely stateless on the server-side, the client (your SPA or frontend) holds the credentials to authenticate API requests – Andrew Gillis Dec 17 '22 at 02:15
  • Can you provide an example of how to include the token in the index? – Miguel Gonzalez Dec 17 '22 at 02:41
  • 2
    It's actually mentioned in the docs: https://flask-awscognito.readthedocs.io/en/latest/auth_code.html#client – Andrew Gillis Dec 17 '22 at 02:42
  • That is the part that I do not know how to do: "present a token in each request to Flask endpoint using a HTTP header like Authorization: Basic TOKEN_HERE". I do not know how to do that. Thanks – Miguel Gonzalez Dec 17 '22 at 20:22

0 Answers
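The point made in the comments, as an added example that is not part of the original question or of flask-awscognito: the server keeps no session, so a request for the same URL is rejected unless the client attaches the token itself. `ProtectedHandler`, `SAMPLE_TOKEN` and the string comparison are hypothetical stand-ins for the protected route and its JWT validation, and the `Bearer` scheme word is an assumption (the docs line quoted above writes `Basic`; this stand-in does not check the scheme).

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed placeholder; the real value is the access_token from /aws_cognito_redirect.
SAMPLE_TOKEN = "constructed.sample.token"
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # bypass env proxies


def extract_token(headers):
    """Return the credential from 'Authorization: <scheme> <token>', else None."""
    parts = (headers.get("Authorization") or "").split()
    return parts[1] if len(parts) == 2 else None


class ProtectedHandler(BaseHTTPRequestHandler):
    """Hypothetical stand-in for a protected route; a real verifier validates the JWT."""

    def do_GET(self):
        ok = extract_token(self.headers) == SAMPLE_TOKEN
        self.send_response(200 if ok else 401)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # silence per-request logging
        pass


def fetch_status(url, token=None):
    """GET url, sending the token in the Authorization header when one is given."""
    headers = {"Authorization": f"Bearer {token}"} if token else {}
    request = urllib.request.Request(url, headers=headers)
    try:
        with OPENER.open(request, timeout=5) as response:
            return response.status
    except urllib.error.HTTPError as err:
        return err.code


def demo():
    """Same URL twice: bare (as typed into a browser), then with the header."""
    server = HTTPServer(("127.0.0.1", 0), ProtectedHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{server.server_port}/"
    try:
        return fetch_status(url), fetch_status(url, SAMPLE_TOKEN)
    finally:
        server.shutdown()
        server.server_close()
```

`demo()` returns the two status codes in order; the first request mirrors typing `http://localhost:5000/` into the address bar, which sends no `Authorization` header.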