iT邦幫忙

2025 iThome 鐵人賽

DAY 21
0

前言

使用者註冊完後忘記密碼,需要進行重設的功能開發。

設計

Verify-vlog-email Lambda Function / verify-email

import os
import json
import boto3
from datetime import datetime

dynamodb = boto3.resource("dynamodb")
table = dynamodb.Table("vlog-nipapa-tw-user")

def lambda_handler(event, context):
    # --- CORS ---
    method = event.get("httpMethod") or event.get("requestContext", {}).get("http", {}).get("method")
    if method == "OPTIONS":
        return _cors(200, "")

    try:
        # 支援 queryString 或 body 取值
        params = event.get("queryStringParameters") or {}
        body = event.get("body")
        if body and isinstance(body, str):
            try:
                body = json.loads(body)
            except:
                body = {}
        if not params and body:
            params = body

        username = params.get("user")
        token = params.get("token")

        if not username or not token:
            return _cors(400, {"error": "Missing user or token"})

        # 查詢 DynamoDB
        resp = table.get_item(Key={"username": username})
        item = resp.get("Item")
        if not item:
            return _cors(400, {"error": "User not found"})

        if item.get("verified"):
            return _cors(200, {"message": "User already verified"})

        if item.get("verify_token") != token:
            return _cors(400, {"error": "Invalid token"})

        # 驗證是否過期
        expire_str = item.get("verify_expire")
        if expire_str:
            expire_time = datetime.fromisoformat(expire_str)
            if datetime.utcnow() > expire_time:
                return _cors(400, {"error": "Token expired"})

        # 更新 verified 狀態
        table.update_item(
            Key={"username": username},
            UpdateExpression="SET verified = :v REMOVE verify_token, verify_expire",
            ExpressionAttributeValues={":v": True}
        )

        return _cors(200, {"message": "✅ Email verified successfully"})

    except Exception as e:
        print("❌ ERROR:", str(e))
        return _cors(500, {"error": str(e)})


def _cors(code, body):
    return {
        "statusCode": code,
        "headers": {
            "Access-Control-Allow-Origin": "*",
            "Access-Control-Allow-Methods": "OPTIONS,GET,POST",
            "Access-Control-Allow-Headers": "Content-Type,Authorization"
        },
        "body": json.dumps(body)
    }

調整 Role

  • 因為要在 DynamoDB 裡面提取資料,寫入註冊狀態,所以需要配置給他 dynamodb
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "logs:CreateLogGroup",
            "Resource": "arn:aws:logs:ap-northeast-1:<AWS_ID>:*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": [
                "arn:aws:logs:ap-northeast-1:<AWS_ID>:log-group:/aws/lambda/register-vlog-member:*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:GetItem",
                "dynamodb:PutItem",
                "dynamodb:UpdateItem",
                "dynamodb:Query",
                "dynamodb:Scan"
            ],
            "Resource": [
                "arn:aws:dynamodb:ap-northeast-1:<AWS_ID>:table/vlog-nipapa-tw-user"
            ]
        }
    ]
}

結論

  • 先前已經做過 SES 綁域名發信的 identity 了,這篇就直接拿來用哩!

https://ithelp.ithome.com.tw/upload/images/20251001/20130149mhZyvuOJZa.png

https://ithelp.ithome.com.tw/upload/images/20251001/201301492wjNP8TnGJ.png


上一篇
【Day 20】 會員功能擴充 - 設定寄信重設密碼功能 (上)
下一篇
【Day 22】 影音創作者的 AI 素材庫產生器 - Amazon Nova Reel / Nova Canvas
系列文
無法成為片師也想拍 Vlog?!個人影音小工具的誕生!24
圖片
  熱門推薦
圖片
{{ item.channelVendor }} | {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言