Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revert a breaking change to user pools, retain them post-deletion #412

Merged
1 commit merged into from
Jun 11, 2020
Merged

Revert a breaking change to user pools, retain them post-deletion #412

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion cloudformation/template.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1272,6 +1272,8 @@ Resources:

CognitoUserPool:
Type: AWS::Cognito::UserPool
DeletionPolicy: Retain
UpdateReplacePolicy: Retain
Properties:
UserPoolName: !Ref CognitoIdentityPoolName
# Lambda trigger caveats:
Expand Down Expand Up @@ -1306,7 +1308,6 @@ Resources:
Schema:
- AttributeDataType: String
Name: email
Required: true
AdminCreateUserConfig:
AllowAdminCreateUserOnly: !If [
InviteAccountRegistrationMode, 'true', 'false',
Expand Down
20 changes: 16 additions & 4 deletions lambdas/cognito-pre-signup-trigger/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,27 @@
// hosted UI will block the user from signing up, and this lambda will never
// run.

// Pulled from https://html.spec.whatwg.org/multipage/input.html#e-mail-state-(type%3Demail) and
// optimized in a few ways for size:
// - Classes of `[A-Za-z0-9]` were shortened to the equivalent `[^_\W]`.
// - Other instances of `0-9` in classes were converted to the shorthand `\d`.
// - The whole regexp was made case-insensitive to avoid the need for `A-Za-z` in classes.
// - As we're only testing, I replaced all the non-capturing groups with capturing ones.
//
// This is the same regexp as is used in dev-portal/src/pages/Admin/Accounts/PendingInvites.jsx.
const validEmailRegex =
/^[\w.!#$%&'*+\/=?^`{|}~-]+@[^_\W]([a-z\d-]{0,61}[^_\W])?(\.[^_\W]([a-z\d-]{0,61}[^_\W])?)*$/i

exports.handler = async event => {
const email = event.request.userAttributes.email
if (email == null) throw new Error('Email is required.')
if (!validEmailRegex.test(email)) throw new Error('Email is invalid.')

// To block the sign-up from occurring, throw an error. The message will be
// displayed to the user when they attempt to sign up, before Cognito asks
// for confirmation.

console.info(
`In Pre Signup Trigger for username=[${event.userName}]` +
` and email=[${event.request.userAttributes.email}]`
)
console.info(`In Pre Signup Trigger for username=[${event.userName}] and email=[${email}]`)

return event
}