I have setup a custom flow with cognito to send MFA codes via email using lambda triggers. I have just noticed though that the function does not appear to always work and the emails are not always sent when requesting to login.
My account is still in the sandbox mode since i want to stay in free tier but i havent went over my daily limit so i should still be able to send emails
I have setup the lambda function with a promise but this hasnt fixed the issue.
I checked the lambda and cloudwatch SES logs for the trigger and there isnt any failures according to it so i am quite confused
Any ideas what is happening?
here is my lambda trigger below for sending emails
const crypto = require("crypto");
var aws = require("aws-sdk");
var ses = new aws.SES({ region: "eu-west-2" });
exports.handler = async(event, context, callback) => {
var verificationCode = 0;
//Only called after SRP_A and PASSWORD_VERIFIER challenges.
if (event.request.session.length == 2) {
const n = crypto.randomInt(0, 100000);
verificationCode = n.toString().padStart(6, "0");
const minimumNumber = 0;
const maximumNumber = 100000;
verificationCode = Math.floor(Math.random() * maximumNumber) + minimumNumber;
await sendMail(event.request.userAttributes.email, verificationCode);
}
else {
//if the user makes a mistake, we pick code from the previous session instead of sending new code
const previousChallenge = event.request.session.slice(-1)[0];
verificationCode = previousChallenge.challengeMetadata;
}
//add to privateChallengeParameters, so verify auth lambda can read this. this is not sent to client.
event.response.privateChallengeParameters = { "verificationCode": verificationCode };
//add it to session, so its available during the next invocation.
event.response.challengeMetadata = verificationCode;
return event;
};
async function sendMail(emailAddress, secretLoginCode) {
const params = {
Destination: { ToAddresses: [emailAddress] },
Message: {
Body: {
Html: {
Charset: 'UTF-8',
Data: `<html><body><p>This is your secret login code:</p>
<h3>${secretLoginCode}</h3></body></html>`
},
Text: {
Charset: 'UTF-8',
Data: `Your secret login code: ${secretLoginCode}`
}
},
Subject: {
Charset: 'UTF-8',
Data: 'Your secret login code'
}
},
Source: 'my verified email'
};
await ses.sendEmail(params).promise();
}
nope i haven’t set it up to work with SNS so it won’t be able to do that surely?