Open Ladvace opened 1 month ago
https://docs.amplify.aws/react/build-a-backend/auth/connect-your-frontend/sign-up/
You'll have to call await autoSignIn()
if the signUpOutput.nextStep
is COMPLETE_AUTO_SIGN_IN
.
Please refer to the documentation that I just shared
I've already tried it actually and I get the following error:
AutoSignInException: The autoSignIn flow has not started, or has been cancelled/completed. at initialAutoSignIn
I this this is due to the fact that when I want to sign in the user after the signup, the user is not confirmed yet, I would like to sign in the user after the sign up but before the verification step
@Ladvace yes your understanding is correct.
I guess in your case, you might want to consider to use AdminConfirmSignUp
yeah I came across this, is there a way to achieve this via amplify? or is this something that I have to do on the backend?
@Ladvace
You might want to look into Pre Sign Up lambda trigger.
thanks, I'll check it out
Hello, @Ladvace and thanks for opening this issue. As @dylan-tabist stated above, the default behavior for a basic auth flow in Amplify will require a user to sign up, get confirmed, then be signed in. If you're looking to bypass this middle step for a quicker sign up/sign in process for users, then the customizing the pre-sign up lambda can allow for this.
Thanks @dylan-tabist for proving some community help here!
Actually, wanted to follow up on this with a little more relevant information. While the Pre Sign Up Lambda trigger will work (as referenced in comments above), you can also circumvent paying for that compute cost with this auto-verify policy:
https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cognito.UserPool.html#autoverify
You can use in the following way for a Gen 2 app (it will leverage the L1 Construct):
const { cfnUserPool } = backend.auth.resources.cfnResources
cfnUserPool.autoVerifiedAttributes = ["EMAIL"]
Depending on the use case here, you may want to conditionally autoverify (for example if they come from a "verified" domain) which is where that trigger comes in handy. While all this can be done, also want to be clear that this runs the risk of allowing absolutely anyone into your app as verified/confirmed.
thanks for the answer, I'm gonna try it out
@Ladvace, just wanted to ping you and follow up to see if you had a chance to try this out. Let us know if you're still blocked here or have further questions.
Hi, in the end, I opted for an easier solution, I just merged the login and verification steps, after the verification step, I log in the user, It's not 100% optimal but it's the easiest in my case I think
Hi @cwomack , I have a similar issue. on confirmation I get this response:
{ "isSignUpComplete": true, "nextStep": { "signUpStep": "COMPLETE_AUTO_SIGN_IN" } }
but when I call await autoSignIn(). I get this same error :
AutoSignInException: The autoSignIn flow has not started, or has been cancelled/completed.
there is hardly any documentation on how to handle the email verification process when the user is sent a link and not a confirmation code. is the link process case also handled by autoSignIn
?
After clicking the verification link, do we run confirmSignUp
without passing it a confirmationCode
? [update: this does not work]
there is only one mention of how to implement in the docs and it hardly goes over any implementation details:
[Auto sign-in](https://docs.amplify.aws/react/build-a-backend/auth/connect-your-frontend/sign-in/#auto-sign-in)
The autoSignIn API will automatically sign-in a user when it was previously enabled by the signUp API and after any of the following cases has completed:
User confirmed their account with a verification code sent to their phone or email (default option).
User confirmed their account with a verification link sent to their phone or email. In order to enable this option you need to go to the [Amazon Cognito console](https://aws.amazon.com/pm/cognito), look for your userpool, then go to the Messaging tab and enable link mode inside the Verification message option. Finally you need to define the signUpVerificationMethod to link inside the Cognito option of your Auth config.
what is the flow to be implemented when using a confirmation link?
I am also unsure how I invoke signUp
so that I get the response COMPLETE_AUTO_SIGN_IN
and not the CONFIRM_SIGN_UP
response which I am getting now (I am passing autoSignIn: true
under options
to signUp
)
I am also unsure how I invoke
signUp
so that I get the responseCOMPLETE_AUTO_SIGN_IN
and not theCONFIRM_SIGN_UP
response which I am getting now (I am passingautoSignIn: true
underoptions
tosignUp
)
After signup with autoSignIn: true
, you still have to confirm signup. before you get COMPLETE_AUTO_SIGN_IN
After signup with
autoSignIn: true
, you still have to confirm signup. before you getCOMPLETE_AUTO_SIGN_IN
the docs state that this can be returned after signUp
The signUp API response will include a nextStep property, which can be used to determine if further action is required. It may return the following next steps:
CONFIRM_SIGN_UP - The sign up needs to be confirmed by collecting a code from the user and calling confirmSignUp.
DONE - The sign up process has been fully completed.
COMPLETE_AUTO_SIGN_IN - The sign up process needs to complete by invoking the autoSignIn API.
so either the docs or you are wrong :/ appreciate the help
After signup with
autoSignIn: true
, you still have to confirm signup. before you getCOMPLETE_AUTO_SIGN_IN
the docs state that this can be returned after
signUp
The signUp API response will include a nextStep property, which can be used to determine if further action is required. It may return the following next steps: CONFIRM_SIGN_UP - The sign up needs to be confirmed by collecting a code from the user and calling confirmSignUp. DONE - The sign up process has been fully completed. COMPLETE_AUTO_SIGN_IN - The sign up process needs to complete by invoking the autoSignIn API.
so either the docs or you are wrong :/ appreciate the help
Read this.
The autoSignIn API will automatically sign-in a user when it was previously enabled by the signUp API and after any of the following cases has completed:
User confirmed their account with a verification code sent to their phone or email (default option). User confirmed their account with a verification link sent to their phone or email. In order to enable this option you need to go to the Amazon Cognito console, look for your userpool, then go to the Messaging tab and enable link mode inside the Verification message option. Finally you need to define the signUpVerificationMethod to link inside the Cognito option of your Auth config.
This means you must confirmUser. keyword previously enabled by the signUp API and after
Read this.
I have read this several times and quoted it 5 comments above.
confirmUser
is not a method provided by the library. if you mean confirmSignUp
then this method requires a confirmation code. again, I am trying to find the appropriate implementation for the link
sign up email verification method.
The quote from the docs mentions defining signUpVerificationMethod
to link
inside the Cognito option of my Auth config, although in their docs the only way they've set up their config is by passing the auto generated amplifyconfiguration.json
file into Amplify.configure
import amplifyconfig from "./amplifyconfiguration";
Amplify.configure(amplifyconfig);
In AWS Cognito I've set up confirmation to be link
and not code
, however, when I amplify pull
I do not see that reflected in the auto generated amplifyconfiguration.json
specific implementation details for a user signing up and confirming their email address with a link would be greatly appreciated
Hello all. Sorry for any confusion when using the autoSignIn
API. To create an account during sign-up, Cognito's default behavior requires users to either submit a confirmation code
or click a verification link
. Also The autoSignIn
API is designed to work exclusively on active sessions within single page application contexts. Therefore, it cannot be utilized in the following scenarios:
@oznekenzo in order to enable autoSignIn
with verification link you have to,
Amplify.configure
as follows:
const config:ResourcesConfig={
Auth: {
Cognito: {
userPoolId: "xxxxxxxx",
userPoolClientId: "xxxxxxxxx",
signUpVerificationMethod:'link'
},
},
};
Amplify.configure(config)
3. call `signUp` with `autoSignIn` enabled.
4. click the verification link sent to your email or phone
5. call the `autoSignIn` API
@israx awesome - that worked - thank you very very much
sticking point was how to correctly configure the config passed to Amplify - I had seen some examples where both the auto created config (amplifyconfiguration.json
) was merged w/ a custom Auth: { Cognito: { ...
configuration which I had tried - as well as just passing amplifyconfiguration.json
without any edits - until the snipped provided above.
Thanks @oznekenzo for bringing that up. I created a task in our backlog to add specific documentation to address this use case.
Hello all. Sorry for any confusion when using the
autoSignIn
API. To create an account during sign-up, Cognito's default behavior requires users to either submit aconfirmation code
or click averification link
. Also TheautoSignIn
API is designed to work exclusively on active sessions within single page application contexts. Therefore, it cannot be utilized in the following scenarios:
- page was refreshed.
- API is called on a new tab.
@oznekenzo in order to enable
autoSignIn
with verification link you have to,
- Enable verification link on your Cognito User Pool— I see you already did it.
- call
Amplify.configure
as follows:const config:ResourcesConfig={ Auth: { Cognito: { userPoolId: "xxxxxxxx", userPoolClientId: "xxxxxxxxx", signUpVerificationMethod:'link' }, }, }; Amplify.configure(config)
- call
signUp
withautoSignIn
enabled.- click the verification link sent to your email or phone
- call the
autoSignIn
API
Hi @israx Thank you for your feed back. I have a single page application and I am calling the autologin in the same tab I called confirm signup.
from confirmSignup I get { "isSignUpComplete": true, "nextStep": { "signUpStep": "COMPLETE_AUTO_SIGN_IN" } } which means my autosignin was set up correctly.
but when I call await autoSignIn(). I get this same error :
AutoSignInException: The autoSignIn flow has not started, or has been cancelled/completed.
Hello @yinka0136. Could you please share code snippets about how you are calling the signUp
, confirmSignUp
and autoSignIn
APIs?
Hello @yinka0136. Could you please share code snippets about how you are calling the
signUp
,confirmSignUp
andautoSignIn
APIs?
@israx just to clarify before I send the snippet, do you mean that , Signup, confirmSignup and autologin have to be called on the same tab?
Yes. The 3 APIs should share the same context. You can still call these APIs on the same tab but using different routes. e.g
/signup
, /confirm-sign-up
and /auto-sign-in
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Authentication
Amplify Version
v6
Amplify Categories
auth
Backend
Amplify Gen 2 (Preview)
Environment information
Describe the bug
as in this issue https://github.com/aws-amplify/amplify-js/issues/991, the
autoSignIn
parameters in the signUp function doesn't work, the user doesn't get logged in, this is quite annoying and it makes the library almost unusable for me.An issue for this already exist but got closed.
Expected behavior
to sign in after the signup is successful
Reproduction steps
just sign in
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response