AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約

How to login a user with temp password

0

I am using AWS Cognito as my user management store for the application I am developing using ReactJS.

At the start an admin user logs into the AWS console and creates a user using an email address and a temporary password. And when the user is created, an automatic email gets sent to the email address with the temp password that admin set. And the user's confirmation status set to "force change password".

As I am new to the AWS Cognito, I want to know how the rest of the workflow works. Especially how can I use the temp password to first time logs into the system, what API call I need to call ?

UPDATE: I have the following code to login user to the application, where it sends a request to the API. I have entered the email address and the temp password and try to authenticate the user, instead getting "{"__type":"NotAuthorizedException","message":"Incorrect username or password."}" error message.

import { AuthenticationDetails, CognitoUser,  } from "amazon-cognito-identity-js";
import UserPool from "./UserPool";

export const authenticate = (email, password) => {

    return new Promise( (resolve, reject) => {

        const user = new CognitoUser({ 
            Username: email,
            Pool: UserPool
         });

         const authDetails = new AuthenticationDetails({
            Username: email,
            password
         });

         user.authenticateUser(authDetails, {
            onSuccess: (result) => {
                console.log('login successful');
                resolve(result);
            },
            onFailure: (error) => {
                console.log('login failed');
                reject(error);
            }
         });

    });
}

I was expecting some other error, such like, as an example, "user needs to change password". But instead got the above error.

UPDATE ON THE QUESTION I have googled to see if there is a solution to send requests directly to Cognito user pool, thorough my ReactJS application. But I have not found any good solutions on how to do that. @Jeff Lombardo-AWS below suggested me to use the Amplify to achieve the same. But I was not interested in using Amplify for my application.

I have written the authentication logic in Python and put it into a lambda function and called the lambda function (through API Gateway) in my application. And I have successfully implemented the authentication flow.

1回答
2
承認された回答

Hi,

Please note that temporary password are only valid for a limited number of days after they have been generated.

For React, I would highly recommend to consider Amplify to abstract the integration with Cognito. You can find example in our documentation: https://docs.amplify.aws/start/getting-started/auth/q/integration/react/ and https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/authenticate-react-application-users-by-using-amazon-cognito-and-aws-amplify.html

Jeff

AWS
回答済み 1年前
profile picture
エキスパート
レビュー済み 6ヶ月前
profile picture
エキスパート
レビュー済み 8ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ