SMS user authentication with Vapor and AWS | raywenderlich.com

natanrolnik · January 7, 2020, 10:41am

In this SMS user authentication tutorial you will learn how to use AWS and Vapor to authenticate your users with their phone number.

This is a companion discussion topic for the original entry at https://www.raywenderlich.com/4379841-sms-user-authentication-with-vapor-and-aws

jorge_mz · January 7, 2020, 4:38pm

Not Working, more info, "How get AWS_KEY_ID and AWS_SECRET_KEY ", all the configuration of AWS for this project sample.

natanrolnik · January 7, 2020, 9:11pm

Hey @jorge_mz.

To begin with, you’ll need an AWS account. If you already have one, of after creating it, check this guide and the additional links there to see how to get the key id and the secret key, either for the root account or the IAM user. You need to make sure that these credentials have permission to access the SNS resources.

Once these are set up, you can start the tutorial.

jorge_mz · January 8, 2020, 2:31am

I get, key id and the secret key, for un user no root, but I get an error "… is not authorized to perform: SNS:Publish on resource: +51973912122 (ErrorMiddleware.swift:26) ".
The IAM user, have, AmazonSNSFullAccess (AWS managed policy)

natanrolnik · January 8, 2020, 9:37am

@jorge_mz could you please paste here the contents of the policy? It might be that we’re missing something.

jorge_mz · January 8, 2020, 1:45pm

I have this.
Captura de Pantalla 2020-01-08 a la(s) 08.43.21

jorge_mz · January 8, 2020, 4:01pm

Gracias Natan, ya esta funcionando. Yujuuuuu…

utility_monst3r · January 13, 2020, 7:08pm

SMS is not recommended for 2FA because of security risks both in SS7 vulnerabilities and SIM swapping, and is no longer recommended by NIST. It’s only kind-of okay because an attacker would still need your password (and it’s better than no 2FA).

Your phone number is also not something that is necessarily consistent throughout your life, you could potentially change it and it could be given to someone else.

Using SMS as your only authentication means sounds like a poor security practice.

(the content of the article in general though was very good)

alif · March 13, 2020, 3:42pm

how we can add JWT with this article thanks

alif · March 18, 2020, 7:01am

Will you update this project with Vapor 4 ?

natanrolnik · March 19, 2020, 12:47pm

Yes, we will probably update the posts in the weeks following Vapor 4 gets out of RC.

proxpero · August 7, 2020, 1:39pm

This wouldn’t work for me until I added a second message attribute: “AWS.SNS.SMS.SMSType” which has a value of type SNS.MessageAttributeValue with a stringValue property of “Transactional”. (ie I created an additional entry in the messageAttributes dictionary in the AWSSNSSender class initializer.)

(default is “Promotional”, which I couldn’t get to work even from the AWS console) “Transactional” is suitable for “one-time passcodes” per AWS docs

danurigom · September 4, 2020, 12:45am

Hi Nathan, can you update this project please to Vapor 4? Thanks thanks!

natanrolnik · October 15, 2020, 8:29am

Hi @danurigom and @alif

This post was updated to Vapor 4 and you can find it here:

https://www.raywenderlich.com/13508424-sms-user-authentication-with-vapor-and-aws

shogunkaramazov · April 6, 2021, 6:33am

This tutorial is more than six months old so questions are no longer supported at the moment for it. Thank you!