53. Authentication for a CLI app with AWS Cognito - Live coding PART 6
https://youtu.be/b-FoqIcOcPw
How can you build a WeTransfer or a Dropbox Transfer clone on AWS?
This is our sixth (and last!) live coding stream. In this episode, we completed the authentication layer for our file transfer application. Specifically, we completed the OAuth 2 device flow on top of AWS Cognito and updated the weshare CLI application to support this new authentication flow. We also added an authorization layer in front of our file upload API.
All our code is available in this repository: https://github.com/awsbites/weshare.click
🔖 Chapters:
00:00 Intro
01:54 Reviewing the last step of the OAuth 2 Device Flow (and the code changes from the PR)
09:00 Adding an authorizer to the upload API
12:00 Testing the entire device authorization flow with Postman
23:00 Updating our weshare CLI to support the device authentication flow
26:37 Failing at git (as usual)
27:50 Testing the behavior of the CLI without authentication
29:05 Splitting the CLI code into multiple files (upload, login, logout)
38:50 Defining the flow of the login command
40:40 Interactively prompting the user for a login URL with enquirer
47:40 Starting the device auth flow using undici as HTTP client
52:33 Opening the browser window using the open package and showing a spinner with the ora package
58:41 Implementing the authentication polling logic using undici
01:13:50 Persisting the tokens with the conf package
01:24:25 Implementing the logout command
01:26:00 Updating the upload command to check if we are logged in and to send the authentication header
01:30:46 Questions, final remarks & wrap up
In this episode we mentioned the following resources:
 - GitHub PR with the final OAuth 2.0 device flow step: https://github.com/awsbites/weshare.click/pull/2
 - jwtinfo CLI tool: https://github.com/lmammino/jwtinfo
 - enquirer package: https://npm.im/enquirer
 - undici HTTP client package: https://npm.im/undici
 - open package to open the browser at a specific URL: https://npm.im/open
 - ora: animated spinner package: https://npm.im/ora
 - conf package for persisting user settings: https://npm.im/conf
We set ourselves up for a challenge and in this series of live streams we will try to incrementally build a simple clone of WeTransfer or Dropbox Transfer that would allow us to upload files and share them by URL.
Everything is up for discussion (and your opinion is important!) but right now we are expecting to be using S3, Lambda, API Gateway, Route53, DynamoDB and tons of Node.js!
Come and join us on this fantastic project! 🤩
All the episodes of this series:
- 🗒 Full playlist: https://www.youtube.com/watch?v=EfRElTYilyY&list=PLAWXFhe0N1vI1_z-06EzJ22pz95_gBrId
- PART 1: https://youtu.be/EfRElTYilyY (MVP with Lambda, API Gateway, and S3)
- PART 2: https://youtu.be/4wCX32YUtMk (Custom domain with Route53 and Content-Disposition)
- PART 3: https://youtu.be/hlW_RwRgskI (Observability best practices with Middy and Lambda Power Tools + CLI Application)
- PART 4: https://youtu.be/vVic3oqqqfY (Adding authentication using Cognito and implementing the OAuth 2 device flow)
- PART 5: https://youtu.be/0TzfkbisMEA (OAuth 2 device flow and DynamoDB Single Table Design)
- PART 6: https://youtu.be/b-FoqIcOcPw (Completing OAuth 2 device flow and Adding a login command to the CLI application)
#aws #cli #nodejs
How can you build a WeTransfer or a Dropbox Transfer clone on AWS?
This is our sixth (and last!) live coding stream. In this episode, we completed the authentication layer for our file transfer application. Specifically, we completed the OAuth 2 device flow on top of AWS Cognito and updated the weshare CLI application to support this new authentication flow. We also added an authorization layer in front of our file upload API.
All our code is available in this repository: https://github.com/awsbites/weshare.click
🔖 Chapters:
00:00 Intro
01:54 Reviewing the last step of the OAuth 2 Device Flow (and the code changes from the PR)
09:00 Adding an authorizer to the upload API
12:00 Testing the entire device authorization flow with Postman
23:00 Updating our weshare CLI to support the device authentication flow
26:37 Failing at git (as usual)
27:50 Testing the behavior of the CLI without authentication
29:05 Splitting the CLI code into multiple files (upload, login, logout)
38:50 Defining the flow of the login command
40:40 Interactively prompting the user for a login URL with enquirer
47:40 Starting the device auth flow using undici as HTTP client
52:33 Opening the browser window using the open package and showing a spinner with the ora package
58:41 Implementing the authentication polling logic using undici
01:13:50 Persisting the tokens with the conf package
01:24:25 Implementing the logout command
01:26:00 Updating the upload command to check if we are logged in and to send the authentication header
01:30:46 Questions, final remarks & wrap up
In this episode we mentioned the following resources:
 - GitHub PR with the final OAuth 2.0 device flow step: https://github.com/awsbites/weshare.click/pull/2
 - jwtinfo CLI tool: https://github.com/lmammino/jwtinfo
 - enquirer package: https://npm.im/enquirer
 - undici HTTP client package: https://npm.im/undici
 - open package to open the browser at a specific URL: https://npm.im/open
 - ora: animated spinner package: https://npm.im/ora
 - conf package for persisting user settings: https://npm.im/conf
We set ourselves up for a challenge and in this series of live streams we will try to incrementally build a simple clone of WeTransfer or Dropbox Transfer that would allow us to upload files and share them by URL.
Everything is up for discussion (and your opinion is important!) but right now we are expecting to be using S3, Lambda, API Gateway, Route53, DynamoDB and tons of Node.js!
Come and join us on this fantastic project! 🤩
All the episodes of this series:
- 🗒 Full playlist: https://www.youtube.com/watch?v=EfRElTYilyY&list=PLAWXFhe0N1vI1_z-06EzJ22pz95_gBrId
- PART 1: https://youtu.be/EfRElTYilyY (MVP with Lambda, API Gateway, and S3)
- PART 2: https://youtu.be/4wCX32YUtMk (Custom domain with Route53 and Content-Disposition)
- PART 3: https://youtu.be/hlW_RwRgskI (Observability best practices with Middy and Lambda Power Tools + CLI Application)
- PART 4: https://youtu.be/vVic3oqqqfY (Adding authentication using Cognito and implementing the OAuth 2 device flow)
- PART 5: https://youtu.be/0TzfkbisMEA (OAuth 2 device flow and DynamoDB Single Table Design)
- PART 6: https://youtu.be/b-FoqIcOcPw (Completing OAuth 2 device flow and Adding a login command to the CLI application)
#aws #cli #nodejs