1. Go to this page and download the library: Download ellaisys/aws-cognito library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
'guards' => [
'web' => [
'driver' => 'cognito-session', // This line is important for using AWS Cognito as Web Driver
'provider' => 'users',
],
'api' => [
'driver' => 'cognito-token', // This line is important for using AWS Cognito as API Driver
'provider' => 'users',
],
],
use Ellaisys\Cognito\AwsCognito;
/**
* Register any application services.
*/
public function register(): void
{
AwsCognito::ignoreMigrations();
}
# AWS configurations for cloud storage
AWS_ACCESS_KEY_ID="Axxxxxxxxxxxxxxxxxxxxxxxx6"
AWS_SECRET_ACCESS_KEY="mxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+"
# AWS Cognito configurations
AWS_COGNITO_CLIENT_ID="6xxxxxxxxxxxxxxxxxxxxxxxxr"
AWS_COGNITO_CLIENT_SECRET="1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx1"
AWS_COGNITO_USER_POOL_ID="xxxxxxxxxxxxxxxxx"
AWS_COGNITO_REGION="xxxxxxxxxxx" //optional - default value is 'us-east-1'
AWS_COGNITO_VERSION="latest" //optional - default value is 'latest'
use Ellaisys\Cognito\Auth\RegistersUsers;
class UserController extends BaseController
{
use RegistersUsers;
public function register(Request $request)
{
$validator = $request->validate([
'name' => 'llection->only('name', 'email', 'password'); //passing 'password' is optional.
//Register User in cognito
if ($cognitoRegistered=$this->createCognitoUser($data)) {
//If successful, create the user in local db
User::create($collection->only('name', 'email'));
} //End if
//Redirect to view
return view('login');
}
}
AWS_COGNITO_NEW_USER_MESSAGE_ACTION="SUPPRESS"
AWS_COGNITO_FORCE_NEW_USER_EMAIL_VERIFIED=true //optional - default value is false.
AWS_COGNITO_DEFAULT_USER_GROUP="Customers"
AWS_COGNITO_FORCE_NEW_USER_PASSWORD=true //optional - default value is false.
AWS_COGNITO_REGISTRATION_TYPE="register" //optional - the default type is invite
namespace App\Http\Controllers;
...
use Ellaisys\Cognito\AwsCognitoClaim;
use Ellaisys\Cognito\Auth\AuthenticatesUsers as CognitoAuthenticatesUsers;
class AuthController extends Controller
{
use CognitoAuthenticatesUsers;
/**
* Authenticate User
*
* @throws \HttpException
*
* @return mixed
*/
public function login(\Illuminate\Http\Request $request)
{
...
//Convert request to collection
$collection = collect($request->all());
//Authenticate with Cognito Package Trait (with 'web' as the auth guard)
if ($response = $this->attemptLogin($collection, 'web')) {
if ($response===true) {
return redirect(route('home'))->with('success', true);
} elseif ($response===false) {
// If the login attempt was unsuccessful you may increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
//
//$this->incrementLoginAttempts($request);
//
//$this->sendFailedLoginResponse($collection, null);
} else {
return $response;
} //End if
} //End if
} //Function ends
...
} //Class ends
namespace App\Api\Controller;
...
use Ellaisys\Cognito\AwsCognitoClaim;
use Ellaisys\Cognito\Auth\AuthenticatesUsers as CognitoAuthenticatesUsers;
class AuthApiController extends Controller
{
use CognitoAuthenticatesUsers;
/**
* Authenticate User
*
* @throws \HttpException
*
* @return mixed
*/
public function login(\Illuminate\Http\Request $request)
{
...
//Convert request to collection
$collection = collect($request->all());
//Authenticate with Cognito Package Trait (with 'api' as the auth guard)
if ($claim = $this->attemptLogin($collection, 'api', 'username', 'password', true)) {
if ($claim instanceof AwsCognitoClaim) {
return $claim->getData();
} else {
return response()->json(['status' => 'error', 'message' => $claim], 400);
} //End if
} //End if
} //Function ends
...
} //Class ends
...
Auth::guard('api')->logout();
...
Auth::guard('api')->logout(true); //Revoke the Refresh Token.
namespace App\Api\Controller;
...
use Ellaisys\Cognito\AwsCognitoClaim;
use Ellaisys\Cognito\Auth\RefreshToken;
class AuthApiController extends Controller
{
use RefreshToken;
/**
* Generate a new token using refresh token.
*
* @throws \HttpException
*
* @return mixed
*/
public function refreshToken(\Illuminate\Http\Request $request)
{
...
$validator = $request->validate([
'email' => '
public function deleteUser(Request $request, AwsCognitoClient $client)
# Cache Configuration
CACHE_DRIVER="dynamodb"
DYNAMODB_CACHE_TABLE="table-name-of-your-choice" //This should match the table name provided above
# Session Configuration
SESSION_DRIVER="dynamodb"
SESSION_LIFETIME=120
SESSION_DOMAIN="set-your-domain-name" //The domain name can be as per your preference
SESSION_SECURE_COOKIE=true
# DynamoDB Configuration
DYNAMODB_ENDPOINT="https://dynamodb.us-west-2.amazonaws.com" // You can change the endpoint based of different regions
AWS_COGNITO_FORCE_PASSWORD_CHANGE_API=false //Make true for forcing password change
AWS_COGNITO_FORCE_PASSWORD_AUTO_UPDATE_API=true //Make false for stopping auto password change
AWS_COGNITO_CLIENT_SECRET_ALLOW=false
AWS_COGNITO_USER_SUBJECT_UUID="sub"
class User extends Authenticatable
{
...
/**
* The primary key for the model.
*
* @var string
*/
protected $primaryKey = null;
/**
* The attributes that are mass assignable.
*
* @var array<int, string>
*/
protected $fillable = [
'name',
'email',
'password',
'sub'
];
...
/**
* Create a new user instance.
*
* @param array $attributes
* @return void
*/
public function __construct(array $attributes = [])
{
parent::__construct($attributes);
$this->primaryKey = config('cognito.user_subject_uuid', 'id');
}
...
}