Support FORCE_CHANGE_PASSWORD state

amazon-archives / amazon-cognito-auth-js

The Amazon Cognito Auth SDK for JavaScript simplifies adding sign-up, sign-in with user profile functionality to web apps.

Apache License 2.0

423 stars 232 forks source link

Support FORCE_CHANGE_PASSWORD state #30

Open okkonen opened 6 years ago

okkonen commented 6 years ago

The sign in fails if an user is created by admin and the user status is FORCE_CHANGE_PASSWORD.

Would like to allow admin to created users as well.

craiggunson commented 6 years ago

If using the sample JS, it can be handled like so...

newPasswordRequired: function(userAttributes, requiredAttributes) {

        // the api doesn't accept these fields back
        delete userAttributes.email_verified;
        delete userAttributes.phone_number_verified;
        var newpass = prompt("Enter a new password:","");  
        cognitoUser.completeNewPasswordChallenge(newpass, userAttributes, this);
        }

okkonen commented 6 years ago

Not sure what you mean. As soon as I call CognitoAuth.getSession() it will redirect to hosted login page: https://.auth.eu-west-1.amazoncognito.com/login?....

And when trying to login with the temporary password it redirects to: https://thirdpresence.auth.eu-west-1.amazoncognito.com/error?error=Error%20sending%20message,%20please%20contact%20the%20app%20owner.

I am not getting any callbacks back to my app.

I know that I am able to do the new password challenge if I create my own login UI, but I wanted to use amazon-cognito-auth-js instead of doing all by myself.

rcfrias commented 6 years ago

I am sorry to disappoint you, but the admin-created users are not allowed for cognito auth, I also struggled with this situation, but it does appear in the docs. This might change in the future though.

itrestian commented 6 years ago

Support for admin created users is on our roadmap indeed. I cannot comment on a timeline however.

rcfrias commented 6 years ago

I actually tried to pull out the link with the note about this on the docs, but I was unable to find it. Could this be that it got deleted on the migration from beta to prod? I also had to re-upload the logo for the UI when this upgrade happened.

rachitdhall commented 6 years ago

@rcfrias you shouldn't have to re-upload your logo. Can you please send me a Private Message on the Amazon Cognito Forums with your user pool id?

rcfrias commented 6 years ago

@rachitdhall sent, although the user "rachitdhall" does not exist at aws, I used rachit instead and went through.

ashwindevendran commented 6 years ago

Hi,

We had added support for the requested flow.