Cognito Client SDK
Frontend
UI
Session Context
Cognito Client SDK
Frontend
UI
Session Context
Cognito Client SDK
Frontend
UI
Session Context
{
username: xxx:
pasword: xxx}
Cognito Client SDK
Frontend
UI
Session Context
{
username: xxx:
pasword: xxx}
AWS Cognito
Backend
POST https://cognito-idp.us-east-1.amazonaws.com/
generate idToken/refreshToken
Authorization: idToken
Cognito Client SDK
Frontend
UI
Session Context
{
username: xxx:
pasword: xxx}
AWS Cognito
Backend
POST https://cognito-idp.us-east-1.amazonaws.com/
generate idToken/refreshToken
Authorization: idToken
Backend
Cognito Client SDK
Frontend
UI
Session Context
Remix Server
query, guard...etc
stateless
encrypt idToken & refreshToken and store in Cookie
Cookie limits imposed by RFC A browser should be able to accept at least 300 cookies with a maximum size of 4096 bytes, as stipulated by RFC 2109 (#6.3), RFC 2965 (#5.3), and RFC 6265.
One domain
Cookie
cookieHeader: __session=eyJzZXNzaW9uSWQiOiIwN2VjOTE0MS04MjVkLTRiZDAtYjk0OC01MzAyYjYzZmVhNDEifQ%3D%3D.1DD8empdMO6FOxXZ26Bv9WPmuDkoT%2FxuMmXNuYKqwhY; Path=/; HttpOnly; SameSite=Lax
memory/DB/Redis
{
xxxId:{
idToken:xxx,
refreshdToekn:xxx
}}
Ref