In this tutorial, we create Session Authentication using AWS Lambda and DynamoDB. We go over what Session Authentication is, why we use Lambda for it, and build it from scratch. We also go over testing, packaging, and deploying the Lambda functions using the Serverless Application Model (SAM) framework.
What is Session Authentication?
You might have already guessed it, session authentication is a type of authentication which is one of the most widely used kind and one of the easiest to implement.
How Does It Work?
When a user enters their credentials and submits a request to login, the backend first checks if the credentials are valid and if they are, a random string is generated. This randomly generated string is our session token.
This string is then stored in the database along with some other data that is required such as the User ID. Let’s call this string a token because that’s what it is, a token to get access to a set of services. This token is then stored on the client-side as a Cookie which is sent on every subsequent request to the backend of the application.
The following things happen when a user sends a request to the API:
- The request is sent to the server which contains the cookies
- Backend parses the cookies and gets the session token
- The session token is validated and if valid get the session data by sending a request to the database which stores the session token
#lambda-function #aws #programming #nodejs #dynamodb
