in lambda/handler.ts [75:108]
public async getLoggedInUser(event:APIGatewayEvent): Promise<User | null> {
const claims = event.requestContext?.authorizer?.claims;
if (!claims) {
throw new Error('Missing claims from event');
}
console.info({claims});
let username = claims['cognito:username'] as string;
username = username.replace('AmazonFederate_', '');
const user = await this.db.userGetByUsername(username);
if (!user) {
return null;
}
// For some reason we don't get the name and email when we validate the token in decode-verify-jwt.
if (user.emailAddress !== claims.email || user.firstName !== claims.given_name || user.lastName !== claims.family_name) {
console.log('Fixing user info');
// Update anything that changed, ignore anything that is blank
user.emailAddress = claims.email || user.emailAddress;
user.firstName = claims.given_name || user.firstName;
user.lastName = claims.family_name || user.lastName;
await this.db.userSave(user);
}
return user;
}