Invalidate AWS Cognito token at logout
I'm building a Swift application with a Python backend, and I'd like to use AWS Cognito for the authentication and registration flow.
Currently, I'm using the following code to log in:
let user = pool?.getUser(email)
user?.getSession(email, password: password, validationData: nil)
    .continueWith { task in
        // handle error/success
        return nil
    }
The pool is initialized above, using this call:
self.pool = AWSCognitoIdentityUserPool.default()
On app startup, I'm checking whether the user is authenticated, and getting its access_token:
if AWSSignInManager.sharedInstance().isLoggedIn {
    if let user = pool?.currentUser() {
        user.getSession()
            .continueWith { task in
                token = task.result?.accessToken?.tokenString
                return nil
            }
    }
}
And I'm passing this token to the backend. On the backend, I'm getting the user's data via the Python Warrant library:
from warrant import Cognito
u = Cognito("id", "key", user_pool_region="us-east-1")
u.access_token = "token"
res = u.get_user(attr_map={"sub": "user_id", "email": "email"})
If the token is valid, I'm getting the user's data; otherwise, an exception is raised. But after the logout on the client, this token is still alive. I'm using the following logout code:
AWSSignInManager.sharedInstance().logout { (result: Any?, error: Error?) in
    // handle results
}
I understand that this token will expire after some timeout and won't be refreshed, as on the next login the user will get another access/refresh token pair, but I'd like to invalidate the token immediately on signout. Is it possible? Or do I not understand Cognito and use it incorrectly?