danilop · shantanuo · Mar 5, 2017 · Mar 8, 2017
diff --git a/Chapter09/SampleAuth/fn/sampleAuthChangePassword/index.js b/Chapter09/SampleAuth/fn/sampleAuthChangePassword/index.js
@@ -9,103 +9,96 @@ var config = require('./config');
 var dynamodb = new AWS.DynamoDB();
 
 function getUser(email, fn) {
-  dynamodb.getItem({
-    TableName: config.DDB_TABLE,
-    Key: {
-      email: {
-        S: email
-      }
-    }
-  }, function(err, data) {
-    if (err) return fn(err);
-    else {
-      if ('Item' in data) {
-        var hash = data.Item.passwordHash.S;
-        var salt = data.Item.passwordSalt.S;
-        fn(null, hash, salt);
-      } else {
-        fn(null, null); // User not found
-      }
-    }
-  });
+	dynamodb.getItem({
+		TableName: config.DDB_TABLE,
+		Key: {
+			email: {
+				S: email
+			}
+		}
+	}, function(err, data) {
+		if (err) return fn(err);
+		else {
+			if ('Item' in data) {
+				var hash = data.Item.passwordHash.S;
+				var salt = data.Item.passwordSalt.S;
+				fn(null, hash, salt);
+			} else {
+				fn(null, null); // User not found
+			}
+		}
+	});
 }
 
 function updateUser(email, password, salt, fn) {
-  dynamodb.updateItem({
-      TableName: config.DDB_TABLE,
-      Key: {
-        email: {
-          S: email
-        }
-      },
-      AttributeUpdates: {
-        passwordHash: {
-          Action: 'PUT',
-          Value: {
-            S: password
-          }
-        },
-        passwordSalt: {
-          Action: 'PUT',
-          Value: {
-            S: salt
-          }
-        }
-      }
-    },
-    fn);
+	dynamodb.updateItem({
+			TableName: config.DDB_TABLE,
+			Key: {
+				email: {
+					S: email
+				}
+			},
+			AttributeUpdates: {
+				passwordHash: {
+					Action: 'PUT',
+					Value: {
+						S: password
+					}
+				},
+				passwordSalt: {
+					Action: 'PUT',
+					Value: {
+						S: salt
+					}
+				}
+			}
+		},
+		fn);
 }
 
-exports.handler = function(event, context) {
+exports.handler = (event, context, callback) => {
+	var email = event.email;
+	var oldPassword = event.oldPassword;
+	var newPassword = event.newPassword;
 
-  var email = event.email;
-  var oldPassword = event.oldPassword;
-  var newPassword = event.newPassword;
-
-  getUser(email, function(err, correctHash, salt) {
-    if (err) {
-      context.fail('Error in getUser: ' + err);
-    } else {
-      if (correctHash == null) {
-        // User not found
-        console.log('User not found: ' + email);
-        context.succeed({
-          changed: false
-        });
-      } else {
-        computeHash(oldPassword, salt, function(err, salt, hash) {
-          if (err) {
-            context.fail('Error in hash: ' + err);
-          } else {
-            if (hash == correctHash) {
-              // Login ok
-              console.log('User logged in: ' + email);
-              computeHash(newPassword, function(err, newSalt, newHash) {
-                if (err) {
-                  context.fail('Error in computeHash: ' + err);
-                } else {
-                  updateUser(email, newHash, newSalt, function(err, data) {
-                    if (err) {
-                      context.fail('Error in updateUser: ' + err);
-                    } else {
-                      console.log('User password changed: ' + email);
-                      context.succeed({
-                        changed: true
-                      });
-                    }
-                  });
-                }
-              });
-            } else {
-              // Login failed
-              console.log('User login failed: ' + email);
-              context.succeed({
-                changed: false
-              });
-            }
-          }
-        });
-      }
-    }
-  });
+	getUser(email, function(err, correctHash, salt) {
+		if (err) {
+			callback('Error in getUser: ' + err);
+		} else {
+			if (correctHash == null) {
+				// User not found
+				console.log('User not found: ' + email);
+				callback(null, { changed: false	});
+			} else {
+				cryptoUtils.computeHash(oldPassword, salt, function(err, salt, hash) {
+					if (err) {
+						callback('Error in hash: ' + err);
+					} else {
+						if (hash == correctHash) {
+							// Login ok
+							console.log('User logged in: ' + email);
+							cryptoUtils.computeHash(newPassword, function(err, newSalt, newHash) {
+								if (err) {
+									callback('Error in cryptoUtils.computeHash: ' + err);
+								} else {
+									updateUser(email, newHash, newSalt, function(err, data) {
+										if (err) {
+											callback('Error in updateUser: ' + err);
+										} else {
+											console.log('User password changed: ' + email);
+											callback(null, { changed: true });
+										}
+									});
+								}
+							});
+						} else {
+							// Login failed
+							console.log('User login failed: ' + email);
+							callback(null, { changed: false });
+						}
+					}
+				});
+			}
+		}
+	});
 }
diff --git a/Chapter09/SampleAuth/www/js/changePassword.js b/Chapter09/SampleAuth/www/js/changePassword.js
@@ -1,8 +1,8 @@
-AWS.config.region = '<REGION>';
+// Initialize the Amazon Cognito credentials provider
+AWS.config.region = 'us-east-1'; // Region
 AWS.config.credentials = new AWS.CognitoIdentityCredentials({
-  IdentityPoolId: '<IDENTITY_POOL_ID>'
+    IdentityPoolId: 'us-east-1:51d8f08c-a0d8-4607-9895-f2849ecec37a',
 });
-
 var lambda = new AWS.Lambda();
 
 function changePassword() {
@@ -23,60 +23,31 @@ function changePassword() {
     result.innerHTML = 'Please specify a new password.';
   } else if (newPassword.value != verifyNewPassword.value) {
       result.innerHTML = 'The new passwords are <b>different</b>, please check.';
-  } else {
-
-    var input = {
-      email: email.value,
-      password: oldPassword.value
-    };
-
-    lambda.invoke({
-      FunctionName: 'sampleAuthLogin',
-      Payload: JSON.stringify(input)
-    }, function(err, data) {
-      if (err) console.log(err, err.stack);
-      else {
-        var output = JSON.parse(data.Payload);
-				console.log('identityId: ' + output.identityId);
-				console.log('token: ' + output.token);
-        if (!output.login) {
-          result.innerHTML = '<b>Not</b> logged in';
-        } else {
-          result.innerHTML = 'Logged in with identityId: ' + output.identityId + '<br>';
-
-					var creds = AWS.config.credentials;
-					creds.params.IdentityId = output.identityId;
-					creds.params.Logins = {
-						'cognito-identity.amazonaws.com': output.token
-					};
-					creds.expired = true;
-
-	        var input = {
-	          email: email.value,
-	          oldPassword: oldPassword.value,
-	          newPassword: newPassword.value
-	        };
-
-				  lambda.invoke({
-				    FunctionName: 'sampleAuthChangePassword',
-				    Payload: JSON.stringify(input)
-				  }, function(err, data) {
-				    if (err) console.log(err, err.stack);
-				    else {
-				      var output = JSON.parse(data.Payload);
-				      if (!output.changed) {
-				        result.innerHTML = 'Password <b>not</b> changed.';
-				      } else {
-				        result.innerHTML = 'Password changed.';
-							}
-						}
-					});
+  } else
+
+               var input = {
+                  email: email.value,
+                  oldPassword: oldPassword.value,
+                  newPassword: newPassword.value
+                };
+
+
+                                  lambda.invoke({
+                                    FunctionName: 'sampleAuthChangePassword',
+                                    Payload: JSON.stringify(input)
+                                  }, function(err, data) {
+                                    if (err) console.log(err, err.stack);
+                                    else {
+                                      var output = JSON.parse(data.Payload);
+                                      if (!output.changed) {
+                                        result.innerHTML = 'Password <b>not</b> changed.';
+                                      } else {
+                                        result.innerHTML = 'Password changed.';
+                                                        }
+                                                }
+                                        });
 
-      	}
-      }
-    });
 
-  }
 }
 
 var form = document.getElementById('change-password-form');