如何修复 AWS Cognito Lambda 触发器返回 {####} 而不是正确的 OTP?

问题描述 投票:0回答:1

我使用 AWS Cognito 进行用户身份验证,并实现了 Lambda 函数以通过 SendGrid 电子邮件服务发送验证电子邮件。使用 Lambda 和 SendGrid 的原因是我将 AWS SES 迁移到生产模式的请求总是被拒绝。

但是,我在检索触发器中的 OTP 时遇到问题。当我访问

event.request.codeParameter
时,它返回 {####} 而不是实际的 OTP。

这是 Lambda 函数:

const sgMail = require('@sendgrid/mail');
require('dotenv').config();

sgMail.setApiKey(process.env.SENDGRID_API_KEY);

exports.handler = async (event, context, callback) => {
    console.log("Received event:", JSON.stringify(event, null, 2));

    const msg = {
        to: event.request.userAttributes.email,
        from: '[email protected]', 
        subject: 'Verify Your Email',
        text: `Please verify your email by entering the following code: ${event.request.codeParameter}`,
        html: `<strong>Please verify your email by entering the following code: ${event.request.codeParameter}</strong>`
    };

    try {
        await sgMail.send(msg);

        callback(null, event);
    } catch (error) {
        console.error('Error sending email:', error);
        callback(error, null);
    }
};

这是收到的事件

2024-05-08T17:48:27.926Z INFO   Received event: 
{
    "version": "1",
    "region": "eu-north-1",
    "userPoolId": "String",
    "userName": "String",
    "callerContext": {
        "awsSdkVersion": "aws-sdk-unknown-unknown",
        "clientId": "String"
    },
    "triggerSource": "CustomMessage_SignUp",
    "request": {
        "userAttributes": {
            "sub": "40e32520-....",
            "cognito:email_alias": "[email protected]",
            "email_verified": "false",
            "cognito:user_status": "UNCONFIRMED",
            "email": "[email protected]"
        },
        "codeParameter": "{####}",
        "linkParameter": "{##Click Here##}",
        "usernameParameter": null
    },
    "response": {
        "smsMessage": null,
        "emailMessage": null,
        "emailSubject": null
    }
}

如何修复 Lambda 触发器以正确检索 OTP 而不是 {####}?

任何有关解决此问题的指导将不胜感激。谢谢!

email aws-lambda amazon-cognito sendgrid opt
1个回答
0
投票

Cognito 提供使用 KMS 密钥加密的密码和授权代码,因此您必须使用 kms 密钥解密代码,然后才能通过 Sendgrid 发送代码。

下面的 AWS 文档提供了有关配置 cognito 以使用 kms 密钥的详细信息以及显示如何解密授权令牌的代码示例。

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-email-sender.html#enable-custom-email-sender-lambda-trigger

希望这有帮助

© www.soinside.com 2019 - 2024. All rights reserved.