在Lambda函数中的身份验证代码部分添加以下代码：

if (event.request.session &&
    event.request.session.length >= 1 &&
    event.request.session[0].challengeName == 'CUSTOM_CHALLENGE') {
    // This is a continuation of the custom challenge
    if (event.request.session[0].challengeResult == true) {
        // authentication has already succeeded, return the same response again
        callback(null, event);
        return;
    }
    // The user provided the answer to the custom challenge previously
    //answer to the challenge should be passed as a JSON object
    if (event.request.privateChallengeParameters && 
        event.request.privateChallengeParameters.answer && 
        parseInt(event.request.privateChallengeParameters.answer) === 4) {
        // the answer is correct
        event.response.answerCorrect = true;
    } else {
        // the answer is incorrect
        event.response.answerCorrect = false;
    }
    // complete the challenge
    event.response.issueTokens = true;
    event.response.failAuthentication = false;
    callback(null, event);
    return;
}

以上代码假定你设置了一个名为“CUSTOM_CHALLENGE”的自定义挑战，其中用户必须回答一个问题来进行身份验证。在这个例子中，我们假定问题的答案为4，你可以自定义答案以适应你的应用程序。请确保Lambda函数返回符合AWS Cognito期望的JSON格式。此外，确保你使用了正确的用户池ID和客户端ID。