Book Image

Building Serverless Web Applications

By : Diego Zanon
Book Image

Building Serverless Web Applications

By: Diego Zanon

Overview of this book

This book will equip you with the knowledge needed to build your own serverless apps by showing you how to set up different services while making your application scalable, highly available, and efficient. We begin by giving you an idea of what it means to go serverless, exploring the pros and cons of the serverless model and its use cases. Next, you will be introduced to the AWS services that will be used throughout the book, how to estimate costs, and how to set up and use the Serverless Framework. From here, you will start to build an entire serverless project of an online store, beginning with a React SPA frontend hosted on AWS followed by a serverless backend with API Gateway and Lambda functions. You will also learn to access data from a SimpleDB database, secure the application with authentication and authorization, and implement serverless notifications for browsers using AWS IoT. This book will describe how to monitor the performance, efficiency, and errors of your apps and conclude by teaching you how to test and deploy your applications.
Table of Contents (17 chapters)
Title Page
Credits
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

Handling authentication and authorization


In this section, we are going to use Amazon Cognito to create the users for our application and to be able to handle their login. After authenticating the user, we will be able to give proper authorization for the tasks that they are allowed to execute.

Amazon Cognito

Cognito provides two services such as User Pools and Identity Pools. The first is where you create and store user credentials, the latter is where you set the permissions for the user to access AWS resources.

We will start by creating a user pool, so we can add signup and signin features to our website, along with account recovery. We will add the user pool ID to our frontend code and requests will be done directly to the User Pool service, without needing to be executed from a Lambda function.

Later, we will configure an identity pool, which will be needed to give to the users temporary access to AWS resources. In our example, the user will be able to subscribe to IoT notifications directly...