En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation

How to login a user with temp password

0

I am using AWS Cognito as my user management store for the application I am developing using ReactJS.

At the start an admin user logs into the AWS console and creates a user using an email address and a temporary password. And when the user is created, an automatic email gets sent to the email address with the temp password that admin set. And the user's confirmation status set to "force change password".

As I am new to the AWS Cognito, I want to know how the rest of the workflow works. Especially how can I use the temp password to first time logs into the system, what API call I need to call ?

UPDATE: I have the following code to login user to the application, where it sends a request to the API. I have entered the email address and the temp password and try to authenticate the user, instead getting "{"__type":"NotAuthorizedException","message":"Incorrect username or password."}" error message.

import { AuthenticationDetails, CognitoUser,  } from "amazon-cognito-identity-js";
import UserPool from "./UserPool";

export const authenticate = (email, password) => {

    return new Promise( (resolve, reject) => {

        const user = new CognitoUser({ 
            Username: email,
            Pool: UserPool
         });

         const authDetails = new AuthenticationDetails({
            Username: email,
            password
         });

         user.authenticateUser(authDetails, {
            onSuccess: (result) => {
                console.log('login successful');
                resolve(result);
            },
            onFailure: (error) => {
                console.log('login failed');
                reject(error);
            }
         });

    });
}

I was expecting some other error, such like, as an example, "user needs to change password". But instead got the above error.

UPDATE ON THE QUESTION I have googled to see if there is a solution to send requests directly to Cognito user pool, thorough my ReactJS application. But I have not found any good solutions on how to do that. @Jeff Lombardo-AWS below suggested me to use the Amplify to achieve the same. But I was not interested in using Amplify for my application.

I have written the authentication logic in Python and put it into a lambda function and called the lambda function (through API Gateway) in my application. And I have successfully implemented the authentication flow.

1 réponse
2
Réponse acceptée

Hi,

Please note that temporary password are only valid for a limited number of days after they have been generated.

For React, I would highly recommend to consider Amplify to abstract the integration with Cognito. You can find example in our documentation: https://docs.amplify.aws/start/getting-started/auth/q/integration/react/ and https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/authenticate-react-application-users-by-using-amazon-cognito-and-aws-amplify.html

Jeff

AWS
répondu il y a un an
profile picture
EXPERT
vérifié il y a 7 mois
profile picture
EXPERT
vérifié il y a 8 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions