I'm building a NextJS application and deploying it to AWS with SST.
I understand that in this context no API Gateway is generated, but instead a URL is linked directly to the server lambda. There's still an authorizer configuration available in this case.
I would like to have an authorizer using AWS Cognito that will redirect me to the home page if I access a path starting with /auth without any valid credentials, but so far I haven't been able to even configure the relationship between Cognito and my NextJS app.
Here's my SST stack so far:
import { SSTConfig } from 'sst';
import { NextjsSite, Cognito } from 'sst/constructs';
export default {
config(_input) {
return {
name: 'myapp',
region: 'us-east-1',
};
},
stacks(app) {
app.stack(function Site({ stack }) {
const site = new NextjsSite(stack, 'site', {
runtime: 'nodejs20.x',
cdk: {
server: {
logRetention: 30,
},
},
});
stack.addOutputs({
SiteUrl: site.url,
});
new Cognito(stack, 'auth', {
login: ['email'],
cdk: {
userPool: {
standardAttributes: {
givenName: { required: true, mutable: true },
familyName: { required: true, mutable: true },
},
},
},
}).attachPermissionsForAuthUsers(stack, [site]);
});
},
} satisfies SSTConfig;
At this point .attachPermissionsForAuthUsers(stack, [site]); definitely is not doing what I want it to do (as I cannot bind it to any specific path) and is giving me Error: The specified permissions are not supported.
I cannot find any docs that would show how to do it. I'm starting to wonder if it's possible at all or if I should just integrate cognito directly into the code of my NextJS app...