aws-amplify / amplify-flutter

A declarative library with an easy-to-use interface for building Flutter applications on AWS.
https://docs.amplify.aws
Apache License 2.0
1.32k stars 247 forks source link

Amplify.signIn() is taking longer than expected in Amplify Flutter v1 #3122

Closed tushkaty closed 11 months ago

tushkaty commented 1 year ago

Description

Hello Team,

We upgraded the amplify to latest version. The authentication with username and password taking alot of time. It was very fast earlier.

Is it new normal?

Categories

Steps to Reproduce

No response

Screenshots

No response

Platforms

Flutter Version

3.3.10

Amplify Flutter Version

1.1.0

Deployment Method

Amplify CLI

Schema

No response

Jordan-Nelson commented 1 year ago

Hello @tushkaty - I see you indicated that you are targeting iOS and Android. Are you noticing a significant difference between v0 and v1 for both platforms? Are there specific methods that (signIn(), signUp(), etc.) that seem to be slower compared to v0?

tushkaty commented 1 year ago

@Jordan-Nelson Thanks for the quick response. I see a significant delay in await _auth.signIn( username: userName, password: password, );

Before this method. flutter: 2023-05-30 21:59:54.223870 After this method flutter: 2023-05-30 22:00:02.618757

I see 6 secs. Sometimes it even takes more.

Jordan-Nelson commented 1 year ago

Okay. 6 seconds would be unusually long. I have a few follow up questions:

tushkaty commented 1 year ago
  • Are the logs from iOS or Android? - iOS
  • Is this on a physical device or a simulator / emulator? - Simulator
  • Are you running the app in debug or profile? - debug
  • Are you sure that the device has a stable internet connection? - Stable (Works great with 0.6 version)
Jordan-Nelson commented 1 year ago

@tushkaty Thanks for the info.

I am seeing 1-2 seconds on a simulator (in debug mode), but I do see much longer times on a physical iPhone 13 though (~6s in profile mode and ~8 in debug). Almost all of time seems to be spent on network requests (see screenshot from Flutetr dev tools below), which will depend on the network speed of your device and how far you are from the region your Cognito back end is located in.

I am going to mark this as a bug while we investigate further.

Screenshot 2023-05-31 at 11 49 31 AM
Jordan-Nelson commented 1 year ago

@tushkaty - The increased timing I was seeing on the physical iPhone appears to be due to a VPN. Without the VPN I am seeing similar times to the simulator (~2 seconds).

Can you open the Networking page in the Flutter dev tools, clear and requests, sign in, and then share a screenshot showing the timing?

tushkaty commented 1 year ago

I have tested this on iOS simulator with no VPN. 9 secs.

Screenshot 2023-06-01 at 7 01 07 PM
Jordan-Nelson commented 1 year ago

Your Cognito back end is located in US East. Is this the region you are geographically closest to?

You are using flutter 3.3.10, correct? Do you see this issue persist with the latest version of flutter/dart? There were some recently closed issues in Flutter/Dart around DNS resolution taking longer on iOS devices so I want to make sure this isn't an issue in Dart that has been resolved.

What version of iOS is the simulator running?

Do you have a physical device to test on?

Jordan-Nelson commented 1 year ago

@tushkaty - If you are still experiencing this, please let me know the answers to the questions above. Thanks.

tushkaty commented 1 year ago

Your Cognito back end is located in US East. Is this the region you are geographically closest to?

You are using flutter 3.3.10, correct? Do you see this issue persist with the latest version of flutter/dart? There were some recently closed issues in Flutter/Dart around DNS resolution taking longer on iOS devices so I want to make sure this isn't an issue in Dart that has been resolved.

What version of iOS is the simulator running?

Do you have a physical device to test on?

I'm located quite far from US East. We have all the servers in US East and like I said it was very fast prior to upgrade from the same region I'm trying now.

I tested on both simulator and physical device and the response time is pretty much same.

I have switched back to older version in our package and the response time was 2 secs flutter: 2023-06-08 19:09:30.905384 Start Time flutter: 2023-06-08 19:09:32.118092 End Time

print(DateTime.now());
  await Amplify.Auth.signIn(
        username: userName,
        password: password,
      );
print(DateTime.now());

I've now attached the network page screenshot from the phyical device with the latest Amplify. Flutter version: 3.10.4 iOS 16.5 Physical device iOS 16.4 Simulator Xcode 14.3.1

Screenshot 2023-06-08 at 6 14 52 PM
Jordan-Nelson commented 1 year ago

@tushkaty Thanks for the info. A few more follow up questions:

Based on the number of network requests and the latency, the total time you are seeing makes sense. However, it is possible there are more API calls being made in v1 than there were in v0 as part of the sign in flow. If you can let me know the answers to the questions above I can start looking into it.

tushkaty commented 1 year ago

@tushkaty Thanks for the info. A few more follow up questions:

  • Does you user pool allow for unauthenticated identities? (I think it likely does as you are not getting any 400s at the start of the sign up flow as I had in the screenshot I shared) but I want to confirm.
  • Can you confirm all 7 requests in that network screenshot are being triggered from a single call to signIn()? I want to confirm none of them are from APIs that are called in your application after the user logs in.

Based on the number of network requests and the latency, the total time you are seeing makes sense. However, it is possible there are more API calls being made in v1 than there were in v0 as part of the sign in flow. If you can let me know the answers to the questions above I can start looking into it.

Yes for both the questions.

Jordan-Nelson commented 1 year ago

@tushkaty Thanks for confirming.

Are you using the Amplify Authenticator UI component or have you built your own UI/logic for sign in and sign up? The number of calls you see will depend on what your sign in flow looks like. Can you share the x-amx-target header from each request? This will contain the operation performed.

The actual sign in call should only result in 4 requests. The first two are required for signing in with SRP auth. The second two update the IdentityID and AWS credentials.

With unauthenticated identities you might see two extra requests. Calling .signIn() will create an unauthenticated identity if one doesn't already exist. This would result in two requests. This appears to be a bug and I will look to open a PR for this. Note: If you have called .fetchAuthSession() there already would be an unauthenticated identity created. In this case .signIn() would not result in those extra calls.

I am unsure where the 7th request you are seeing is coming from. If you are using the Amplify Authenticator UI component, there will be a call to fetchUserAttributes after sign in. This is by design as the Authenticator will prompt users to confirm email/phone if they are not yet confirmed. That could be the 7th call if you are using the Authenticator.

I am going to mark this as a bug for now while I work on a fix for the additional 2 calls when there isn't an unauthenticated identity already.

tushkaty commented 1 year ago

No, I'm not using UI component. These logs are from an example app where I have 2 fields to input username and password and I'm calling

Amplify.Auth.signIn(
        username: userName,
        password: password,
      );

7th request was .GetUser. It's called after the signIn is successful so that is not included in the response time.

x-amx-target - Headers:

- AWSCognitoIdentityService.GetId
- AWSCognitoIdentityService.GetCredentialsForIdentity
- AWSCognitoIdentityProviderService.InitiateAuth
- AWSCognitoIdentityProviderService.RespondToAuthChallenge
- AWSCognitoIdentityService.GetId
- AWSCognitoIdentityService.GetCredentialsForIdentity
Jordan-Nelson commented 1 year ago

Got it.

Those are the same 6 calls I am seeing. I am investigating if we can reduce the number of calls (in particular, the duplicate GetId/GetCredentialsForIdentity calls). I don't think this would get the request time down to the ~2 seconds that you are reporting in v0 though.

In addition to the number of requests made, I have been trying to determine if any of the changes in v1 would result in a longer duration per request. I do see slightly longer call times per http request in v1, although the sample size of requests I am looking at is small. I will need to spend more time looking into this.

Are you able to share the network data from v0? Since the requests are not made from Dart you will need to use a tool such as Charles proxy to view the requests.

I'm located quite far from US East. We have all the servers in US East and like I said it was very fast prior to upgrade from the same region I'm trying now.

Are your users primarily located in US East? You should see significantly better performance for those located near US East.

tushkaty commented 1 year ago

Hello @Jordan-Nelson,

I can see the PR was raised and yet to be merged. I have again tested today with the latest 1.3.3 and I can still see the delay of 8-10 secs.

Any update when you're planning to move the fix in the release?

Also, our users are located at many locations. I'm yet to setup chares proxy due to some constraints on my work system.

maziarzamani commented 1 year ago

Waiting with great suspense. Our UX is not really satisfied with this delay.

Jordan-Nelson commented 1 year ago

Apologies for the delay.

The PR raised only addresses the issue for sign in. The same underlying issue is present for several auth APIs. We want to address this is a way that will resolve it for all auth APIs. This is something I am actively looking into. I will share updates here when I have them.

timnew commented 1 year ago

Hey guys, any update on this issue.

I think I ran into similar situation. Wondering is there any solution now?

I called signIn, then fetch user tokens and user attributes. And it in total took 8.8s to complete, which is unexpectedly long.

flutter: [INFO] SignInStore:  cognito.signIn in took 5424ms
flutter: [INFO] SignInStore:  cognito.fetchAuthSession and cognito.fetchUserAttributes took 3406ms
flutter: [INFO] SignInStore:  Sign in completed in 8832ms

I checked the network traffic, and I can see multiple 400 requests.

Are these requests expected? Each of them costs about 800ms, which seems to be the main reason behind the slow sign in process?

CleanShot 2023-09-28 at 17 37 59@2x
Jordan-Nelson commented 1 year ago

@tushkaty @maziarzamani @timnew - Apologies for the delay in response. With https://github.com/aws-amplify/amplify-flutter/pull/3671 merged, there will be fewer requests made during sign in (and several other Auth API calls).

If your User Pool allows for unauthenticated (guest) access, there should be two less requests (the request to fetch unauthenticated credentials, and the request to fetch the identity ID prior to sign in).

If your User Pool does not allow for guest access, the requests that result in 400s should no longer be made.

Jordan-Nelson commented 1 year ago

@tushkaty @maziarzamani @timnew - I appreciate your patience on getting this issue resolved.

The most recent version of Amplify Flutter (v1.6.0) includes changes which reduce the number of network requests that are made when calling Auth.signIn. This should speed up the request somewhat significantly. Please let me know if this resolves the issue for you after upgrading.

Jordan-Nelson commented 11 months ago

Hello folks - I am going to close this out as the latest release reduces the number of requests which I believe was the main source of the issue. If you are experiencing any other issues please let us know.