CognitoAuthAPI is a .NET Core API that integrates with Amazon Cognito Identity Provider to handle user authentication and related actions. This API allows users to sign up, confirm their account, sign in, reset their password, change their password, and retrieve their user information. See frontend here.
- Controller
- Global Error Handling Middleware
- Service Extensions
- Service
- Getting Started
- Usage
- API Endpoints
- Further Considerations
- Contact
The AuthController
is the main controller for this API, handling various user authentication and account-related actions. It includes the following actions:
SignUp
: Allows users to sign up for a new account.ConfirmSignUp
: Confirms a user's sign-up by validating a confirmation code.SignIn
: Allows users to sign in to their account.SendForgotPasswordCode
: Sends a code to reset the password.ConfirmForgotPassword
: Confirms a password reset request.ChangePasswordAsync
: Allows authenticated users to change their password.GetMe
: Retrieves user information for an authenticated user.
The GlobalErrorHandlingMiddleware
is used to handle exceptions that may occur during API operations. Any exception not caught in the service layer will be caught here, logged, and turned into a 500 response.
The ServiceExtensions
class includes extension methods for configuring services in the ASP.NET Core application. It sets up services related to the API, JWT authentication, and Swagger documentation.
The CognitoAuthService
class is responsible for interacting with Amazon Cognito Identity Provider. It provides methods for signing up users, confirming sign-up, signing in, resetting passwords, changing passwords, and handling user-related operations.
Before using this API, ensure that you have the following prerequisites installed:
- .NET Core SDK
- Amazon Cognito Identity Provider configuration (AWS Cognito)
-
Clone the repository:
git clone <repository-url>
-
Configure your AWS Cognito settings in the
appsettings.json
file. -
Build and run the application:
dotnet build dotnet run
The API should now be running and accessible at the specified endpoints.
To use this API, make HTTP requests to the defined endpoints in the AuthController
based on your authentication and account management needs. Be sure to handle authentication using JWT tokens when required.
The following are the main API endpoints provided by the AuthController
:
POST /api/Auth/signUp
: Sign up for a new account.POST /api/Auth/confirmSignUp
: Confirm a user's sign-up.POST /api/Auth/signIn
: Sign in to an existing account.GET /api/Auth/forgotPasswordCode
: Send a code to reset the password.POST /api/Auth/forgotPassword
: Confirm a forgot password reset request.POST /api/Auth/changePassword
: Change the user's password (requires authentication).GET /api/Auth/me
: Retrieve user information (requires authentication).DELETE /api/Auth/signOut
: Invalidates all identity, access, and refresh tokens that AWS has issued to the user.
- Identity Provider Flexibility - Consider abstracting the identity provider interactions further to allow for easier switching between different identity providers in the future
If you have any questions, feedback, or issues related to this API, please feel free to contact the project maintainers:
- Matt Weiss
- mattirvingweiss@gmail.com
We appreciate your interest and contributions to this project!