Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen

How to login a user with temp password

0

I am using AWS Cognito as my user management store for the application I am developing using ReactJS.

At the start an admin user logs into the AWS console and creates a user using an email address and a temporary password. And when the user is created, an automatic email gets sent to the email address with the temp password that admin set. And the user's confirmation status set to "force change password".

As I am new to the AWS Cognito, I want to know how the rest of the workflow works. Especially how can I use the temp password to first time logs into the system, what API call I need to call ?

UPDATE: I have the following code to login user to the application, where it sends a request to the API. I have entered the email address and the temp password and try to authenticate the user, instead getting "{"__type":"NotAuthorizedException","message":"Incorrect username or password."}" error message.

import { AuthenticationDetails, CognitoUser,  } from "amazon-cognito-identity-js";
import UserPool from "./UserPool";

export const authenticate = (email, password) => {

    return new Promise( (resolve, reject) => {

        const user = new CognitoUser({ 
            Username: email,
            Pool: UserPool
         });

         const authDetails = new AuthenticationDetails({
            Username: email,
            password
         });

         user.authenticateUser(authDetails, {
            onSuccess: (result) => {
                console.log('login successful');
                resolve(result);
            },
            onFailure: (error) => {
                console.log('login failed');
                reject(error);
            }
         });

    });
}

I was expecting some other error, such like, as an example, "user needs to change password". But instead got the above error.

UPDATE ON THE QUESTION I have googled to see if there is a solution to send requests directly to Cognito user pool, thorough my ReactJS application. But I have not found any good solutions on how to do that. @Jeff Lombardo-AWS below suggested me to use the Amplify to achieve the same. But I was not interested in using Amplify for my application.

I have written the authentication logic in Python and put it into a lambda function and called the lambda function (through API Gateway) in my application. And I have successfully implemented the authentication flow.

1 Antwort
2
Akzeptierte Antwort

Hi,

Please note that temporary password are only valid for a limited number of days after they have been generated.

For React, I would highly recommend to consider Amplify to abstract the integration with Cognito. You can find example in our documentation: https://docs.amplify.aws/start/getting-started/auth/q/integration/react/ and https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/authenticate-react-application-users-by-using-amazon-cognito-and-aws-amplify.html

Jeff

AWS
beantwortet vor einem Jahr
profile picture
EXPERTE
überprüft vor 7 Monaten
profile picture
EXPERTE
überprüft vor 8 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen