12

In the course of building an android application I've run into the heavy issue of user management.

I see all over the place services that allow for users to register in my app using google, facebook, amazon, twitter, etc. (Amazon Cognito, Janrain, Google Identity Toolkit).

Ideally I would like to make use of Amazon Web Services throughout my application and, thusly, would need to make use of Amazon Cognito. However, as far as I can tell Cognito only provides for simple user registration via Facebook, Amazon, and Google, with the added ability to merge with developer authenticated identities.

After multiple hours of research into developing my own identity provider structure, implementing authentication protocols and all that jazz, I've come to the conclusion I have no idea what I'm doing in that area and I'd be best served leaving it alone for now.

All I want is to allow users to register to use my app with an email, username, and password, with the option to merge with their social accounts later, via Amazon Cognito. I just can't seem to find any straightforward answers anywhere.

So, how can I create a simple user registration flow that creates users which can later be linked to their other social accounts via Amazon Cognito?

4

3 回答 3

5

亚马逊最近宣布了作为完全托管的身份验证提供商工作的用户池。

他们负责所有基本逻辑,例如用户注册、电子邮件验证、密码重置等。并且还提供了一些更高级的功能,例如多因素身份验证或电话号码验证。

很酷的是,这些用户池可以扩展到数亿用户,您只需像使用其他身份验证提供程序一样使用它们(或者您当然可以将它们组合起来)。看看这个看看如何设置它们。

于 2016-04-27T16:36:26.420 回答
3

Amazon Cognito 不是身份验证提供商,因此如果您想使用电子邮件、用户名和密码注册用户,则必须实现自己的后端,并使用数据库来存储所有这些用户信息。既然您说您想在您的应用程序中使用 AWS,那么将您的后端与 Amazon Cognito 集成将允许您定义策略,以便您的用户可以访问 AWS 中的其他资源。例如,使用允许您的用户执行此操作的策略,直接从您的应用程序将文件上传到 S3。您也可以使用 Amazon Cognito 将您的用户帐户与其他身份提供商用户(例如:Facebook 用户)关联起来。

如果您想更好地了解 Cognito 如何与经过开发人员身份验证的用户一起工作,请查看此博文:http: //mobile.awsblog.com/post/Tx2FL1QAPDE0UAH/Understanding-Amazon-Cognito-Authentication-Part-2-Developer-Authenticated -识别

于 2015-01-15T02:47:17.903 回答
2

I was also curious how we can integrate authentication into Amazon Cognito and came to the conclusion that the best way would to use an authentication service.

We're a small company with a very small team, so speed of implementation and a clean API were big factors. Also cost. The top two options are DailyCred and LoginRadius.

DailyCred (We like this the best)

  • Positives - Clean easy API, $25 per 50k users (1m users = ~$500)
  • Negatives - Questionable if they will still be in business, but in their FAQ they said they would hand over opensource code if they went under.

LoginRadius

  • Positives - Somewhat usable API, reasonable pricing (1m users = ~ $1000)
  • Negatives - API is not as clean as DailyCred

Here are some other services that are available:

  • Parse - Vague pricing model and also rumored timeout issues
  • StormPath - Not sure of their API. Also a bit pricey.
  • Gigya - Enterprise, too big for me
  • JanRain - Enterprise, too big for me
  • AuthRocket - Really expensive
  • UserApp.io - No longer available

Amazon Cognito can be used with your own authenticated userID. Once you register/login/authenticate a user in DailyCred.

Hope that helps.

于 2015-02-20T06:58:34.130 回答