1
votes

I have an app in React that uses AWS Amplify's API and Auth. I have configured both API_KEY and AMAZON_COGNITO_USER_POOLS for access to the API. I have, for example, a GraphQL schema like this:

type Course @model @auth(rules: [
    # Defaults to use the "owner" field.
    {allow: owner, ownerField: "author", provider: userPools, operations: [read, create, update, delete]},
    # Admin users can access any operation.
    {allow: groups, groups: ["Admin"]},
    # Next allow public access with an API Key
    {allow: public, provider: apiKey, operations: [read]}
]) {
    id: ID!
    title: String!
    content: String!
    author: String
}

I have pushed my changes (amplify push) but I get "Not Authorized to access createCourse on type Course" with a user that has successfully logged in via AWS Cognito when I try to create a course:

API.graphql({
   query: createCourse,
   variables: {input: {...course}},
   authMode: 'AMAZON_COGNITO_USER_POOLS'
})

Extra information:
I am using federated sign-in (Google). A user comes on the site and signs in via Google. The access token is available via (await Auth.currentSession()).getIdToken().getJwtToken(), but I do not know if I have to do anything with this token or if it is automatically used in the GraphQL API call.

1
Please attach your Course model. - Alex
Sorry, it was a typo: Blog => Course. - Evans
I've tried to reproduce your issue but everything seems good! It's enough: {allow: owner, ownerField: "author", provider: userPools, operations: [read, create, update, delete]} - Alex
Maybe your problem is when using API_KEY? - Alex
I have added extra information, maybe you can now see exactly what I am doing. Is the federated sign-in the problem? And what can I do to make the returned JWT used for the API access? - Evans

1 Answer

0
votes

In your type definition, you have ownerField: "author", so you should pass the current authenticated user in the input.

const course = {
    title: "title...",
    content: "content...",
    author: user // Current authenticated user
};

Get the current authenticated user object:

Auth.currentAuthenticatedUser({
    bypassCache: false
})
    .then(user => console.log(user))
    .catch(err => console.log(err));
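An added example, not part of the answer above and not Amplify's own resolver code: a simplified model of the three @auth rules on Course, useful for reasoning about which caller may perform which operation. The function names, the sample claims and the choice of `cognito:username` as the claim compared with `author` are assumptions; which claim is actually compared depends on the rule's `identityClaim` setting and the Amplify version.

```javascript
// Simplified model of the Course @auth rules; not Amplify's resolver code.
const COURSE_RULES = [
  { allow: 'owner', ownerField: 'author', provider: 'userPools',
    operations: ['read', 'create', 'update', 'delete'] },
  { allow: 'groups', groups: ['Admin'] }, // no operations list: all operations
  { allow: 'public', provider: 'apiKey', operations: ['read'] },
];

// Decode a JWT payload for inspection only; the signature is NOT verified here.
function decodeClaims(jwt) {
  return JSON.parse(Buffer.from(jwt.split('.')[1], 'base64url').toString('utf8'));
}

// Assumption: the owner rule compares record[ownerField] with one token claim.
function isAuthorized(rules, operation, caller, record, identityClaim = 'cognito:username') {
  return rules.some((rule) => {
    if (rule.operations && !rule.operations.includes(operation)) return false;
    if (rule.allow === 'public') return caller.mode === 'API_KEY';
    if (caller.mode !== 'AMAZON_COGNITO_USER_POOLS') return false;
    const claims = caller.claims || {};
    if (rule.allow === 'groups') {
      const groups = claims['cognito:groups'] || [];
      return rule.groups.some((g) => groups.includes(g));
    }
    const identity = claims[identityClaim];
    return rule.allow === 'owner' && identity !== undefined &&
           record[rule.ownerField] === identity;
  });
}

// Constructed sample token: header.payload.signature with made-up values.
function sampleJwt(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}

const asUser = (claims) =>
  ({ mode: 'AMAZON_COGNITO_USER_POOLS', claims: decodeClaims(sampleJwt(claims)) });
const googleUser = asUser({ 'cognito:username': 'Google_1234' });
const adminUser = asUser({ 'cognito:username': 'alice', 'cognito:groups': ['Admin'] });
const anonymous = { mode: 'API_KEY' };

// Owner creating a course under their own identity, then under someone else's.
console.log(isAuthorized(COURSE_RULES, 'create', googleUser, { author: 'Google_1234' }));
console.log(isAuthorized(COURSE_RULES, 'create', googleUser, { author: 'someone-else' }));
```

Decoding the token the client actually sends and comparing its claims with the value stored in `author` shows quickly whether a "Not Authorized" error comes from an identity mismatch or from the wrong auth mode.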