If you require this function to run for every user; social, database, or otherwise, then you will need to use a post login Action or a Rule.
I would suggest using an Action, as it is the successor to Rules and gives you access to a richer feature-set than Rules (versioning, full npm library, improved logging, etc.).
With that said, it is completely possible to achieve this with a Rule as well. Just be aware that rules have access to a limited set of npm modules and will be likely deprecated at some point in the future.
As for the execution, I would suggest using this type of flow with a post-login Action:
/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
//I am using aws-sdk@2.458.0 to stay consistent with your code, but you could use any version you prefer.
const AWS = require('aws-sdk');
exports.onExecutePostLogin = async (event, api) => {
//If the user has already been added to the DB, skip this action
if (event.user.app_metadata.addedToDynamoDB) {
return;
}
//Otherwise, perform the database operation
const db = new AWS.DynamoDB({
accessKeyId: event.secrets.AWS_KEY_ID,
secretAccessKey: event.secrets.AWS_SECRET,
region: event.secrets.AWS_REGION
});
try{
console.log("adding the user to DynamoDB");
const results = await db.listTables({}).promise();
//...add your call to add the user to DynamoDB
// Update the user's app metadata to indicate they have been added to the db
console.log("successfully added user to DynamoDB");
api.user.setAppMetadata("addedToDynamoDB", "true");
} catch (err) {
console.log(err)
}
};
Does that make sense? I wasn’t sure if you are trying to retrieve a user ID or add a user ID to dynamo, but you should be able to do either one. The important piece here is that you are using a flag in the user’s app_metadata to indicate the operation has been completed. This operation should only run on the first login (unless there is an error from AWS, then it will try again on the next login), and any future logins will skip this operation because of the flag.