Closed hackrx closed 2 years ago
Hi @hackrx, you can set the forceAliasAttributes
flag in the amplify/cli.json
to true before executing the amplify add auth
. See more details here
Hey @lazpavel, thanks for the follow-up, by following the link, I am able to set preferred_username
as `aliasAttribute.
Now, it is fine in console, it enabled both options, which I was expecting:
But I also want to allow users to sign-in/sign-up using google auth, but cli is not allowing:
amplify update auth ✔
Please note that certain attributes may not be overwritten if you choose to use defaults settings.
Using service: Cognito, provided by: awscloudformation
What do you want to do? Update OAuth social providers
Select the identity providers you want to configure for your user pool: (Press <space> to select, <a> to toggle all
, <i> to invert selection)
- Facebook (Your userpool is configured to require preferred_username, which cannot be retrieved from Facebook)
- Google (Your userpool is configured to require preferred_username, which cannot be retrieved from Google)
- Login With Amazon (Your userpool is configured to require preferred_username, which cannot be retrieved from Logi
n With Amazon)
- Sign in with Apple (Your userpool is configured to require preferred_username, which cannot be retrieved from Sig
n in with Apple)
Hi @hackrx, you're not allowed to select the social providers because you selected Preferred Username
for the What attributes are required for signing up?
. You should be able to use any social providers with the preferred_username as long as you select required signing attributes that are supported for the provider.
I can set it using the console, but not using cli:
The issue with this is, if next time, I will update anything, then it will remove the google federation from the respective pool.
Hey @lazpavel, I tried this way:
email
as the only required attribute.preSignUp
trigger for the lambda function.sub
as userName
in cognito, and set sent userName as preferred_username. const subUniq = uuidv4();
event.request.userAttributes.preferred_username = event.userName;
event.request.userAttributes.sub = subUniq;
event.request.userName = subUniq;
console.log("going to create a user with event.req: ");
console.log(event.request);
callback(null, event);
but I am facing Invalid user name. User name should be $username
, because I am manipulating event.username in the preSignUp function, and if i am passing preferred_username at the time of sign-up, I am getting
Enter correct parameters., underlyingException: com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Preferred username cannot be provided for unconfirmed account, since user pool is configured for preferred username alias
code which I am using for sign-up:
Map<String, String> userAttributes = {
'email': 'tesst@gmail.com',
'preferred_username': "hackrx1"
// additional attributes as needed
};
SignUpResult res = await Amplify.Auth.signUp(
username: 'hackrx',
password: 'Test@123',
options: CognitoSignUpOptions(
userAttributes: userAttributes));
I want to achieve:
Hi @hackrx, I believe you might be able to achieve what you need by configuring an userPool with preferred_username and without social providers, and then expand the userPool with social providers/do the mapping using amplify override auth
.
See more details here
Trying to setup a mock application at the moment to confirm that this will solve the requirements
can you please tell me how can I fulfill these requirements?
Username should be 36 char long uniq value (==sub).
Instead of userName, pass preferred_username, so that the user can update it, and use it for the next sign-in.
Email id as required attribute (no issues with email ID).
and in any platform (for eg. flutter) , if I am trying to sign up, then it says, username
is required attribute.
Looking forward for your response 🙂 .
Hi @hackrx, sorry for such a late response.
You can:
forceAliasAttributes: true
in the cli.jsonamplify add auth
and select Username
for How do you want users to be able to sign in?
amplify override auth
and manually add the social providers you want as follows in the override.ts
import { AmplifyAuthCognitoStackTemplate } from "@aws-amplify/cli-extensibility-helper";
export function override(resources: AmplifyAuthCognitoStackTemplate) {
resources.userPool.aliasAttributes = ["preferred_username"];
resources.addCfnResource(
{
type: "AWS::Cognito::UserPoolIdentityProvider",
properties: {
AttributeMapping: {
preferredUsername: "email",
email: "email"
},
ProviderDetails: {
client_id: "test",
client_secret: "test",
authorize_scopes: "test",
},
ProviderName: "LoginWithAmazon",
ProviderType: "LoginWithAmazon",
UserPoolId: {
Ref: "UserPool",
},
},
},
"amazon-social-provider"
);
}
Please reopen if you still have issues
@hackrx have you solved your issue?
@lazpavel hey! May you please provide the entire amplify auth add
configuration for this case?
I'm trying for hours to implement the amplify configuration enabling users to sign in with both username and email and signup by manual form or by the social provider without success :(
Every time I try, something goes wrong and the signup doesn't behave as expected.
Thank you.
Before opening, please confirm:
How did you install the Amplify CLI?
No response
If applicable, what version of Node.js are you using?
No response
Amplify CLI Version
7.6.2
What operating system are you using?
Mac
Amplify Categories
auth
Amplify Commands
push, update
Describe the bug
Right now, when we add an auth, this option is prompted, and it can't be changed later after deployment: I want to allow my users to login using the
preferred_username
, I know we can set it when user first signup using postConfirmation trigger, then we can set username as sub value, and preferred_username as what userName he has entered, but the issue is, suppose user updates his username (which indirecly only updates his pref_username), now he will not be able login again using this pref_username, because in cognito console, the configuration is set like this:Three options are not ticked, which will not allow users to login using the set
preferred_username
One more thing, I want to allow users to login/sign-up using Google, but if I choose
preferred_username
as required attribute, it doesn't allow me to add Google as social provider, instead it should prompt dev. to set preSignup function, to set pref_username equals to verified email.Expected behavior
Cli should have an option, to enable these ticks (allow login using username, email, or preferred_username), and dev. wants to add Google as a social provider, then cli should allow this.
Reproduction steps
With no social provider:
and with social provider:
GraphQL schema(s)
Log output
Additional information
am I missing something? please correct me if my requirements are complicated.