Python package to use aws cognito in a simple way
Project description
cognitopy
This is a package that will allow you to use the aws Cognito technology, so for now we are going to allow the management of users, authentication and creation of groups by Roles.
The potential of this package is the ease of management of all these functionalities and only creating an object with 3 parameters.
Installation
pip install cognitopy
Variables for using the admin functions
The cognito admin functions require that we have the aws, access key and secret access key credentials defined as system environment variables.
import os
os.environ["AWS_ACCESS_KEY_ID"] = 'XXXXXXXXXXXXXXXXXXXXXXXX'
os.environ["AWS_SECRET_ACCESS_KEY"] = 'XXXXXXXXXXXXXXXXXXXXXXXX'
Usage
To define the cognitopy object it is necessary to give it the userpool_id, the client_id and the client_secret information.
The secret_hash parameter is set to False by default and indicates that for requests it is necessary to provide the secret_hash.
from cognitopy import CognitoPy
COGNITO_USERPOOL_ID = 'XXX-XXX-XXXXXX'
COGNITO_APP_CLIENT_ID = 'XXXXXXXXXXXXXXXXXXXXXXXX'
COGNITO_APP_CLIENTE_SECRET = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
cognitopy = CognitoPy(
userpool_id=COGNITO_USERPOOL_ID, client_id=COGNITO_APP_CLIENT_ID, client_secret=COGNITO_APP_CLIENTE_SECRET,
secret_hash=True
)
Now I will explain the different functions that we can use in this version, with an example.
All these examples are in the directory example.
Using context manager
It will allow us to use the cognitopy object in a context manager, so that we do not have to worry about closing the connection.
with CognitoPy(userpool_id=COGNITO_USERPOOL_ID, client_id=COGNITO_APP_CLIENT_ID,
client_secret=COGNITO_APP_CLIENTE_SECRET) as cognito:
cognito.register(username="XXXXX@mail.to", password="XXXXXXX8", user_attributes={})
Register a new user
It will register a user in our cognito service and send us a confirmation message.
id_user = cognito.register(username='XXXXX@mail.to', password='XXXXXXX8', user_attributes={})
print(id_user)
Confirm a new user
It is responsible for confirming the user from the number received by mail.
cognito.confirm_register(username='XXXXX@mail.to', confirmation_code='820850')
Resend confirm code
It allows us to receive a confirmation code again, when we have previously requested to change password or register.
cognito.resend_confirmation_code(username='XXXXX@mail.to')
Login a user
It will return the access token and refresh token of a confirmed user.
tokens = cognito.login(username='XXXXX@mail.to', password='XXXXXXX')
print(tokens['access_token'], tokens['refresh_token'])
Refresh access token
It will renew the user's access token.
access_token = cognito.renew_access_token(access_token='XXXXXXXXX', refresh_token='XXXXXXXXX')
print(access_token)
Check if access token is expired
Check if the access token has expired.
is_expired = cognito.check_expired_token(access_token='XXXXXXXXX')
print(is_expired)
Forgot password
Allows us to change our password by sending us a confirmation code.
cognito.initiate_forgot_password(username='XXXXX@mail.to')
Confirm forgot password
Change the password of a user from the confirmation code received.
cognito.confirm_forgot_password(username='XXXXX@mail.to', confirmation_code='YYYYY', password='XXXXXXX')
Delete user
Delete the user from his access token.
cognito.delete_user(access_token='XXXXXXXXX')
Change password
Change the password from your access token.
cognito.change_password(access_token='XXXXXXXXX', previous_password='XXXXXXX', proposed_password="XXXXXXX")
Get user information
We obtain basic user information from the user's access token.
data_user = cognito.get_info_user_by_token(access_token='XXXXXXXXX')
print(data_user['username'], data_user['groups'])
Admin delete user
We remove a user from our service from the administrator credentials.
cognito.admin_delete_user(username='XXXXX@mail.to')
Admin create group
We create a group from our service from the administrator credentials. precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. role_arn: The role Amazon Resource Name (ARN) for the group.
cognito.admin_create_group(group_name='test_group', description='test group', precedence=1)
Admin delete group
We remove a group from our service from the administrator credentials.
cognito.admin_delete_group(group_name='test_group')
Admin add user to group
We add a user to group from our service from the administrator credentials.
cognito.admin_add_user_to_group(username='XXXXX@mail.to', group_name='test_group')
Admin remove user from group
We remove a user to group from our service from the administrator credentials.
cognito.admin_remove_user_from_group(username='XXXXX@mail.to', group_name='test_group')
Admin confirm user registration
We confirm a user register from the administrator credentials.
cognito.admin_confirm_register(username="XXXXX@mail.to")
Admin create user
We create a user from the administrator credentials.
message_action = MessageAction.SUPPRESS | MessageAction.RESEND
Set to RESEND to resend the invitation message to a user that already exists and reset the expiration limit on the user’s account. Set to SUPPRESS to suppress sending the message.
desired_delivery = [DesiredDelivery.EMAIL | DesiredDelivery.SMS] or [DesiredDelivery.EMAIL, DesiredDelivery.SMS]
Specify EMAIL if email will be used to send the welcome message. Specify SMS if the phone number will be used.
optional temporary_password
cognito.admin_create_user(username="XXXXX@mail.to", force_alias=True, user_attributes={},
message_action=MessageAction.SUPPRESS, desired_delivery=[DesiredDelivery.EMAIL],
temporary_password="XXXXXXX")
Admin disable user
We disable a user from the administrator credentials.
cognito.admin_disable_user(username="XXXXX@mail.to")
Admin enable user
We enabled a user from the administrator credentials.
cognito.admin_enable_user(username="XXXXX@mail.to")
Admin get user
We get info about a user from the administrator credentials.
data_user = cognito.admin_get_user(username="XXXXX@mail.to")
print(data_user)
Admin login
We login a user from the administrator credentials.
tokens = cognito.admin_login(username="XXXXX@mail.to", password="XXXXXXX")
print(tokens)
Admin renew access token
We renew access token a user from the administrator credentials.
token = cognito.admin_renew_access_token(access_token="XXXXX", refresh_token="XXXXXXX")
print(token)
Admin list groups for user
We list groups for user from the administrator credentials.
groups = cognito.admin_list_groups_for_user(username="XXXXX@mail.to", limit=10)
print(groups)
groups = cognito.admin_list_groups_for_user(username="XXXXX@mail.to", limit=10, next_token=groups["NextToken"])
print(groups)
Admin reset password
We reset password from the administrator credentials.
After applying this function it will be necessary to launch the initiate_forgot_password function, since the user's password will be disabled.
cognito.admin_reset_password(username="XXXXX@mail.to")
Resolve challenge sms mfa
We resolve challenge sms mfa.
tokens = cognito.resolve_challenge_challenge_sms_mfa(username="XXXXX@mail.to", session="XXXXXX", sms_mfa_code="XXXXXX")
print(tokens)
Resolve challenge new password required
We resolve challenge new password required.
tokens = cognito.resolve_challenge_new_password(username="XXXXX@mail.to", session="XXXXXX", new_password="XXXXXX")
print(tokens)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file cognitopy-1.1.2.tar.gz.
File metadata
- Download URL: cognitopy-1.1.2.tar.gz
- Upload date:
- Size: 10.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b7b531a6b458b42dc4758042055aacfd394cc1823954e08b6a6bf1f1b61f2449 |
|
| MD5 | 1ea2ca42513800ba9815cc60951fc8bb |
|
| BLAKE2b-256 | 1dbb0df0bcebebf94b1fe40e8123b08136deb9020ba86eaddde500f6798c114b |
File details
Details for the file cognitopy-1.1.2-py3-none-any.whl.
File metadata
- Download URL: cognitopy-1.1.2-py3-none-any.whl
- Upload date:
- Size: 9.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ce2c290a7e7e2fb3cdd73375dd06bd12eb6393a937aad3d584dc3aebdd5b9581 |
|
| MD5 | ff81743068ddb3ba16d56e572d9850a9 |
|
| BLAKE2b-256 | b75bb015836e65968f38a386a8764178caef8fede9f9b60f0c14a9506821126d |
