Part 2 of this post series details how a registration and login system was designed using AWS. As a recap of Part 1, we decided to host our React site in an S3 bucket accessed through AWS CloudFront, a content delivery network that provides more security and faster loading times.
Now that our website was hosted and we could interact with it, we moved on to the registration and login system so that users could access specific content. Exploring our options, AWS Cognito seemed to be the perfect service to implement. Cognito is a service that controls user authentication and access for applications. You can create registration and login rules, as well as send emails for account verification.
Cognito even provides a preconfigured login/registration page on an AWS web address. However, this login UI is very limited in customization. You can tweak the CSS here and there, but many options remain immutable because AWS blocks attempts to customize them. For example, there was no way to provide a background image behind the login UI. This ultimately led us to change gears and develop our own login/registration system with authentication using JSON Web Tokens (JWT). In considering this switch, we realized that if we were building an application to scale, we would prefer to have more control over our registration and login process.
In order to build out this login system from scratch, we decided to use AWS API Gateway, Lambda functions, and DynamoDB. In principle, this would create a login API we could use to authenticate and verify users. The routes would be established via the API Gateway, and the Lambda functions would provide the functionality to check against DynamoDB for login information. Since we planned to use this exact same structure to implement our matching and profile fetching/updating functionality, setting it up was a good way to test run our ideas.
This goes to show the importance of the design doc and really planning it out. We had already implemented the Cognito functionality, but because we did not research Cognito’s capabilities fully, we wasted time implementing it and had to find alternatives. Now that we have implemented our new approach, we are confident that using this same structure for other functionality throughout our application will not be an issue.
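The login route described above (an API Gateway route invoking a Lambda function that checks stored credentials and returns a JWT), as an added example that is not the authors' code. It assumes a Python Lambda, an in-memory dict standing in for the DynamoDB table, PBKDF2 password hashes and HS256 tokens; every name and sample value in it is hypothetical.

```python
import base64, hashlib, hmac, json, os, time

SECRET = os.urandom(32)  # assumption: a real deployment loads this from a secrets store
TTL = 900  # token lifetime in seconds

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_user(password):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}

# Constructed stand-in for the DynamoDB users table (sample data, not from the post)
USERS = {"alice@example.com": make_user("correct horse battery staple")}
DUMMY = make_user("dummy")  # hashed for unknown emails so timing does not reveal them

def sign(head, body):
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue_token(sub, now=None):
    now = int(time.time() if now is None else now)
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({"sub": sub, "iat": now, "exp": now + TTL}).encode())
    return f"{head}.{body}.{b64e(sign(head, body))}"

def verify_token(token, now=None):
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":  # pin the algorithm
            return None
        if not hmac.compare_digest(sign(head, body), b64d(sig)):
            return None
        claims = json.loads(b64d(body))
        return claims if claims["exp"] > (time.time() if now is None else now) else None
    except (ValueError, TypeError, AttributeError, KeyError):
        return None

def login_handler(event, context=None):
    creds = json.loads(event.get("body") or "{}")
    user = USERS.get(str(creds.get("email")), DUMMY)
    attempt = hash_password(str(creds.get("password") or ""), user["salt"])
    if user is DUMMY or not hmac.compare_digest(user["hash"], attempt):
        return {"statusCode": 401, "body": json.dumps({"error": "invalid credentials"})}
    return {"statusCode": 200, "body": json.dumps({"token": issue_token(creds["email"])})}
```

The other routes the post mentions (matching, profile fetching/updating) would call `verify_token` on the incoming token before touching the table, and both a wrong password and an unknown email get the same 401 response.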