enableMFA failing (user is not authenticated) when user is logged in

[ffxsam]

The documentation on the README for enableMFA isn't very clear on how to use it. My code is below:

      const cognitoUser = new CognitoUser({
        Pool: cognitoUserPool,
        Username: state.user.username,
      });

      cognitoUser.enableMFA((err, result) => {
        if (err) {
          reject(err);
          return;
        }

        console.log('mfa:', result);
      });

I get:

Promise {: Error: User is not authenticated at CognitoUser.enableMFA (webpack-internal:///./node_modules/am…}

This user is definitely already logged in. Why would it tell me they're not? Do I need to make another call to authenticateUser right before enableMFA?

[itrestian]

Well basically, it seems you just created the object just before the call which would mean that particular object doesn't represent an authenticated user. Yes, you would need an authenticated user to make that call. Also, note that enableMFA is used to enable SMS MFA. You would need to follow use cases 26 to 28 to associate, verify a software token and enable software token for the user.

[ffxsam]

Ok. I guess I'm still sorting out how Cognito works exactly. I thought instantiating the cognito user will pick up from localStorage if they're authenticated. signOut says it works on authenticated users only, yet I can call it without calling authenticateUser right beforehand.

But this works, calling authenticateUser immediately before setting up MFA works. I suppose that's how most sites work, prompting you for your password before enabling MFA.

Thanks!