Add Login Endpoint #109

@Vaibhav978

Description

Describe the solution you'd like
Add a Login endpoint that connects to AWS Cognito to sign the user in. Assume there is already an auth Lambda with a signup route but no sign-in. Also assume Cognito is set up.

  • New route (e.g. POST /auth/login) that accepts username/email and password.
  • Request body and response format are defined (e.g. in OpenAPI) and consistent with existing auth style.
  • Lambda calls Cognito to authenticate; on success returns tokens (e.g. IdToken, AccessToken, RefreshToken, and optionally ExpiresIn).
  • Invalid credentials return an appropriate error (e.g. 401) and do not leak whether the username exists.

Additional context

  • It is probably best to use the SDK for calling Cognito from the auth Lambda, so you can avoid handling retries and errors yourself in comparison to just calling the APIs.
  • If the app client has a secret, store it securely (e.g. env/Secrets Manager).
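
One way the handler requested above could look, as an added example (not code from this repository): it calls Cognito through the SDK, returns the tokens on success, and collapses every credential failure into one identical 401 so the response does not reveal whether the username exists. Assumptions: a Python Lambda with boto3, `USER_PASSWORD_AUTH` enabled on the app client, request fields `username`/`password`, and the hypothetical environment variable names `COGNITO_CLIENT_ID` and `COGNITO_CLIENT_SECRET`.

```python
import base64, hashlib, hmac, json, os

# Cognito error codes collapsed into one generic 401 (a design choice of this example).
AUTH_FAILURES = {"NotAuthorizedException", "UserNotFoundException",
                 "UserNotConfirmedException", "PasswordResetRequiredException"}
GENERIC_401 = {"statusCode": 401,
               "body": json.dumps({"message": "Invalid username or password"})}

def secret_hash(username, client_id, client_secret):
    """SECRET_HASH for app clients with a secret: Base64(HMAC-SHA256(secret, username + client_id))."""
    mac = hmac.new(client_secret.encode(), (username + client_id).encode(), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()

def login(event, cognito, client_id, client_secret=None):
    """Handle POST /auth/login; `cognito` is a boto3 'cognito-idp' client or a stand-in."""
    try:
        body = json.loads(event.get("body") or "{}")
        username, password = body["username"], body["password"]
        if not (isinstance(username, str) and isinstance(password, str)):
            raise TypeError("credentials must be strings")
    except (ValueError, KeyError, TypeError):
        return {"statusCode": 400,
                "body": json.dumps({"message": "username and password are required"})}
    params = {"USERNAME": username, "PASSWORD": password}
    if client_secret:
        params["SECRET_HASH"] = secret_hash(username, client_id, client_secret)
    try:
        resp = cognito.initiate_auth(ClientId=client_id, AuthFlow="USER_PASSWORD_AUTH",
                                     AuthParameters=params)
    except Exception as exc:
        # botocore's ClientError carries the service error code in exc.response.
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code in AUTH_FAILURES:
            return GENERIC_401  # same status and body for unknown user and wrong password
        raise  # throttling, misconfiguration, etc.: surface as a 5xx and get logged
    result = resp.get("AuthenticationResult")
    if result is None:  # Cognito returned a challenge (e.g. MFA); out of scope here
        return {"statusCode": 501,
                "body": json.dumps({"message": "Challenge flows are not supported"})}
    wanted = ("IdToken", "AccessToken", "RefreshToken", "ExpiresIn")
    return {"statusCode": 200,
            "body": json.dumps({k: result[k] for k in wanted if k in result})}

def handler(event, context):
    """Lambda entry point; the environment variable names are assumptions of this example."""
    import boto3  # imported here so login() can be exercised without AWS dependencies
    return login(event, boto3.client("cognito-idp"), os.environ["COGNITO_CLIENT_ID"],
                 os.environ.get("COGNITO_CLIENT_SECRET"))
```
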
