This post describes how to implement a simple One Time Password (OTP) system with AWS Serverless services, which can be used as part of two-step verification.
Below are the tools and technologies used to build this application.

In this scenario, I used a login form, which is developed with VueJS and hosted using Amplify static web hosting. The user enters their email and password, and once the credentials are validated, an API endpoint is called to execute the "Generate OTP" Lambda function, which generates a 6-digit code along with a session id. Once the code and session id are generated, the "Generate OTP" Lambda saves this data into a DynamoDB table. Then only the session id is returned as the response of the API endpoint.

DynamoDB streams are enabled on the table. So, once the data is saved, it triggers the "Send Email" Lambda function. The "Send Email" Lambda function calls the Simple Email Service (SES) to send an email with the generated code to the email address provided.

Meanwhile, on the frontend side, once the session id is received from the API, a second form is presented to enter the code that was emailed to the given address. Once the user enters the code and submits it, the code is validated along with the session id using another API Gateway endpoint that proxies to the "Verify OTP" Lambda function. The "Verify OTP" Lambda function queries the DynamoDB table with the given session id and code and returns a success or error response.

Here I enabled DynamoDB TTL to delete the entries after a specific time, to prevent the table from filling up very quickly. However, DynamoDB will not delete your record immediately when the TTL expires. It is deleted eventually, and AWS only guarantees that it will be deleted within 48 hours. Because of this, when verifying the OTP code, the function has to check the same "expiredAt" field that was used to set the TTL.

When designing the DynamoDB table, I used sessionId + OTP code as the primary key to easily query the required record. So, when verifying the code, I query by primary key with this combination in the DynamoDB table.

When using a DynamoDB stream as a trigger for Lambda, the function is triggered for all DynamoDB events (e.g. insert, delete, update).
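The two checks this design depends on, as an added example that is not the post's own code: the verify step rejects entries past "expiredAt" even though TTL has not deleted them yet, and the stream-triggered function acts only on INSERT records. The in-memory table, the function names, the "code" and "email" attribute names, the delete-on-success step and a stream view that includes the new image are assumptions.

```python
import time

TABLE = {}  # constructed in-memory stand-in for the table, keyed by (sessionId, code)

def put_otp(session_id, code, email, ttl_seconds, now=None):
    """Store an OTP entry; expiredAt is epoch seconds, the same field TTL uses."""
    now = int(time.time()) if now is None else now
    TABLE[(session_id, code)] = {"sessionId": session_id, "code": code,
                                 "email": email, "expiredAt": now + ttl_seconds}

def verify_otp(session_id, code, now=None):
    """True only for an entry that exists and has not passed expiredAt."""
    now = int(time.time()) if now is None else now
    item = TABLE.get((session_id, code))
    if item is None:
        return False
    if item["expiredAt"] <= now:
        return False  # expired, but TTL has not removed the record yet
    del TABLE[(session_id, code)]  # assumption: consume the code so a replay fails
    return True

def records_to_email(event):
    """Return (email, code) for newly inserted items only."""
    out = []
    for record in event.get("Records", []):
        if record.get("eventName") != "INSERT":
            continue  # skip MODIFY and REMOVE (TTL expiry or explicit delete)
        image = record["dynamodb"]["NewImage"]
        out.append((image["email"]["S"], image["code"]["S"]))
    return out

# Constructed stream event: one new OTP item and one removal of an old item.
SAMPLE_EVENT = {"Records": [
    {"eventName": "INSERT", "dynamodb": {"NewImage": {
        "sessionId": {"S": "s-1"}, "code": {"S": "482913"},
        "email": {"S": "user@example.com"}, "expiredAt": {"N": "1700000300"}}}},
    {"eventName": "REMOVE", "dynamodb": {"OldImage": {
        "sessionId": {"S": "s-0"}, "code": {"S": "111111"},
        "email": {"S": "user@example.com"}, "expiredAt": {"N": "1699990000"}}}},
]}

if __name__ == "__main__":
    print(records_to_email(SAMPLE_EVENT))
    put_otp("s-1", "482913", "user@example.com", 300, now=1700000000)
    print(verify_otp("s-1", "482913", now=1700000100))
```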