ytensor42 · October 24, 2018 20:40
diff --git a/cognito-tokens-in-nodejs b/cognito-tokens-in-nodejs
 - https://codewithintent.com/how-to-authenticate-users-with-tokens-using-cognito/

 * Getting the tokens on login

 const authenticationData = {
  Username: user.email,
  Password: user.password,
 };
 const authenticationDetails = new AuthenticationDetails(authenticationData);
 const userData = {
  Username: user.email,
  Pool: this.userPool
 };
 const cognitoUser = new CognitoUser(userData);
 cognitoUser.authenticateUser(authenticationDetails, {
  onSuccess: function (session) {
    const tokens = {
      accessToken: session.getAccessToken().getJwtToken(),
      idToken: session.getIdToken().getJwtToken(),
      refreshToken: session.getRefreshToken().getToken()
    };
    cognitoUser['tokens'] = tokens; // Save tokens for later use
    resolve(cognitoUser); // Resolve user
  },
  onFailure: function (err) {
    return reject(err); // Reject out errors
  },
 });


 * Using the tokens to get a valid CognitoUser

 const AccessToken = new CognitoAccessToken({ AccessToken: tokens.accessToken });
 const IdToken = new CognitoIdToken({ IdToken: tokens.idToken });
 const RefreshToken = new CognitoRefreshToken({ RefreshToken: tokens.refreshToken });

 const sessionData = {
  IdToken: IdToken,
  AccessToken: AccessToken,
  RefreshToken: RefreshToken
 };
 const userSession = new CognitoUserSession(sessionData);

 const userData = {
  Username: email,
  Pool: this.userPool
 };

 const cognitoUser = new CognitoUser(userData);
 cognitoUser.setSignInUserSession(userSession);

 cognitoUser.getSession(function (err, session) { // You must run this to verify that session (internally)
  if (session.isValid()) {
    // Update attributes or whatever else you want to do
  } else {
    // TODO: What to do if session is invalid?
  }
 });
	- https://codewithintent.com/how-to-authenticate-users-with-tokens-using-cognito/

	* Getting the tokens on login

	const authenticationData = {
	Username: user.email,
	Password: user.password,
	};
	const authenticationDetails = new AuthenticationDetails(authenticationData);
	const userData = {
	Username: user.email,
	Pool: this.userPool
	};
	const cognitoUser = new CognitoUser(userData);
	cognitoUser.authenticateUser(authenticationDetails, {
	onSuccess: function (session) {
	const tokens = {
	accessToken: session.getAccessToken().getJwtToken(),
	idToken: session.getIdToken().getJwtToken(),
	refreshToken: session.getRefreshToken().getToken()
	};
	cognitoUser['tokens'] = tokens; // Save tokens for later use
	resolve(cognitoUser); // Resolve user
	},
	onFailure: function (err) {
	return reject(err); // Reject out errors
	},
	});


	* Using the tokens to get a valid CognitoUser

	const AccessToken = new CognitoAccessToken({ AccessToken: tokens.accessToken });
	const IdToken = new CognitoIdToken({ IdToken: tokens.idToken });
	const RefreshToken = new CognitoRefreshToken({ RefreshToken: tokens.refreshToken });

	const sessionData = {
	IdToken: IdToken,
	AccessToken: AccessToken,
	RefreshToken: RefreshToken
	};
	const userSession = new CognitoUserSession(sessionData);

	const userData = {
	Username: email,
	Pool: this.userPool
	};

	const cognitoUser = new CognitoUser(userData);
	cognitoUser.setSignInUserSession(userSession);

	cognitoUser.getSession(function (err, session) { // You must run this to verify that session (internally)
	if (session.isValid()) {
	// Update attributes or whatever else you want to do
	} else {
	// TODO: What to do if session is invalid?
	}
	});