Intro
This post describes how to implement a simple One Time Password (OTP) system with AWS Serverless services which can be used as a p...
For further actions, you may consider blocking this person and/or reporting abuse
Great post! what tool did you use for the architecture diagram, Lucidcharts?
Thanks @karanpratapsingh for the feedback.
I use draw.io for these diagrams.
Thanks
I use it too, it's awesome
In DynamoDB single table design we can't use TTL. I don't know is it possible!
Hey Sekar, can you elaborate more why you cannot use TTL with single table design?
TTL is set for the entire table. In single table design, we have many entities in the same table. We can't set TTL on a single entity.
Very explained post. Thanks for this. 👍🏻👍🏻
Thanks for the feedback @aviboy2006
Great and useful post. 💯✌
Thanks @3much for the feedback!
FYI, the Github repo link is 404, may need to make it public?
Just made it public. Thanks for pointing this out @aaronbrighton .
Excellent post!
I wonder if this implementation limits the number of OTP's generated by email to avoid unnecessary consumption?
Thanks for the feedback @eliasibgerardo
In this implementation there is no limitation enforced. However, there are several ways to protect the unnecessary consumptions.
Since this OTP functionality meant to be consumed by already authenticated users, that will reduce the unnecessary usage since we can track the users who are actually using the system.
Also, in the infrastructure level, we can use Web Application Firewall (WAF) rules with throttling to protect the API end points per IP for example. docs.aws.amazon.com/waf/latest/dev...
Further, in the code level, we can implement our own rate limits per email address using the email address and expiryAt field values.
Great post and well detailed. Although I would say DynamoDB streams is unnecessary, the lambda that stores the function might as well call the SES service. What do you think?
Hi, its a great post, but send-email function gives error that
event.Records is not iterable