I'm trying to restrict my Lex Bot to only show results of a SQL Search that a certain User has access to. For example, if User A only has access to records that belong to User A, the Bot will not allow User A to search for records that belong to User B.
Right now, I've got my Bot set up on a website that I've hosted via AWS S3. The issue I'm facing right now is getting my user's login information from the parent page (the website I've set up in S3) and sending it to my Lex Bot (which I've embedded as an Iframe).
The login to the page is done via Google Login which saves an Access Token in my SQL Database. I'd like to know how I can send this access token to my Lex Bot so I can authenticate it via Lambda. (I've already got the Lambda portion done, just need to know how to get the message from the parent page. Ideally, this part happens before the User talks to the Bot, which means a postback message so the user cannot see this information)
Things I've tried:
- I've tried doing a separate lambda function to handle this part only but don't really know how to integrate it into the website.
- I've tried using event listeners but am not very sure if the message goes to the bot or just the IFrame.
Right now, I'm out of ideas and any help would be greatly appreciated.
I managed to finally do it by adding a Javascript function to post a message. It doesn't look very professional but it works.
function isBotMinimized() {
return $('.' + lexWebUi.options.containerClass)
.hasClass('lex-web-ui--minimize');
}
function sendMessage() {
return Promise.resolve()
.then(function () {
return !isBotMinimized() ||
lexWebUi.sendMessageToIframe({ event: 'toggleMinimizeUi' });
})
.then(function () {
return lexWebUi.sendMessageToIframe({ event: 'postText', message: "Welcome"});
})
.then(function () { console.log('message succesfully sent'); })
.catch(function (error) { console.error('error sending message ', error); });
}