By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to login a user with temp password

0

I am using AWS Cognito as my user management store for the application I am developing using ReactJS.

At the start an admin user logs into the AWS console and creates a user using an email address and a temporary password. And when the user is created, an automatic email gets sent to the email address with the temp password that admin set. And the user's confirmation status set to "force change password".

As I am new to the AWS Cognito, I want to know how the rest of the workflow works. Especially how can I use the temp password to first time logs into the system, what API call I need to call ?

UPDATE: I have the following code to login user to the application, where it sends a request to the API. I have entered the email address and the temp password and try to authenticate the user, instead getting "{"__type":"NotAuthorizedException","message":"Incorrect username or password."}" error message.

import { AuthenticationDetails, CognitoUser,  } from "amazon-cognito-identity-js";
import UserPool from "./UserPool";

export const authenticate = (email, password) => {

    return new Promise( (resolve, reject) => {

        const user = new CognitoUser({ 
            Username: email,
            Pool: UserPool
         });

         const authDetails = new AuthenticationDetails({
            Username: email,
            password
         });

         user.authenticateUser(authDetails, {
            onSuccess: (result) => {
                console.log('login successful');
                resolve(result);
            },
            onFailure: (error) => {
                console.log('login failed');
                reject(error);
            }
         });

    });
}

I was expecting some other error, such like, as an example, "user needs to change password". But instead got the above error.

UPDATE ON THE QUESTION I have googled to see if there is a solution to send requests directly to Cognito user pool, thorough my ReactJS application. But I have not found any good solutions on how to do that. @Jeff Lombardo-AWS below suggested me to use the Amplify to achieve the same. But I was not interested in using Amplify for my application.

I have written the authentication logic in Python and put it into a lambda function and called the lambda function (through API Gateway) in my application. And I have successfully implemented the authentication flow.

Topics
Security, Identity, & ComplianceAWS Well-Architected Framework
Tags
AWS Identity and Access ManagementAmazon CognitoSecurity
Language
English
champer
asked 9 months ago573 views
1 Answer
1
Accepted Answer

Hi,

Please note that temporary password are only valid for a limited number of days after they have been generated.

For React, I would highly recommend to consider Amplify to abstract the integration with Cognito. You can find example in our documentation: https://docs.amplify.aws/start/getting-started/auth/q/integration/react/ and https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/authenticate-react-application-users-by-using-amazon-cognito-and-aws-amplify.html

Jeff

AWS
Jeff Lombardo-AWS
answered 9 months ago
profile picture
EXPERT
Giovanni Lauria
reviewed 25 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content