search

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0
9.43k stars 2.12k forks source link

preferred_username is required but cant be set during registration. #13724

Closed daskabe closed 1 month ago

daskabe commented 2 months ago

Before opening, please confirm:

JavaScript Framework

React

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

CDK

Environment information

``` # Put output below this line System: OS: macOS 14.4.1 CPU: (12) arm64 Apple M2 Pro Memory: 105.63 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 18.19.0 - ~/.nvm/versions/node/v18.19.0/bin/node npm: 10.2.3 - ~/.nvm/versions/node/v18.19.0/bin/npm pnpm: 8.15.5 - ~/.nvm/versions/node/v18.19.0/bin/pnpm Browsers: Brave Browser: 127.1.68.137 Chrome: 127.0.6533.120 Safari: 17.4.1 npmPackages: @eslint/js: ^9.8.0 => 9.9.0 @hookform/resolvers: ^3.9.0 => 3.9.0 @hookform/resolvers/ajv: 1.0.0 @hookform/resolvers/arktype: 2.0.0 @hookform/resolvers/class-validator: 1.0.0 @hookform/resolvers/computed-types: 1.0.0 @hookform/resolvers/effect-ts: 1.0.0 @hookform/resolvers/fluentvalidation-ts: 1.0.0 @hookform/resolvers/io-ts: 1.0.0 @hookform/resolvers/joi: 1.0.0 @hookform/resolvers/nope: 1.0.0 @hookform/resolvers/superstruct: 1.0.0 @hookform/resolvers/typanion: 1.0.0 @hookform/resolvers/typebox: 1.0.0 @hookform/resolvers/typeschema: 1.0.0 @hookform/resolvers/valibot: 1.0.0 @hookform/resolvers/vest: 1.0.0 @hookform/resolvers/vine: 1.0.0 @hookform/resolvers/yup: 1.0.0 @hookform/resolvers/zod: 1.0.0 @radix-ui/colors: ^3.0.0 => 3.0.0 @radix-ui/react-icons: ^1.3.0 => 1.3.0 @radix-ui/react-toolbar: ^1.1.0 => 1.1.0 @radix-ui/themes: ^3.1.1 => 3.1.3 @types/react: ^18.3.3 => 18.3.3 @types/react-dom: ^18.3.0 => 18.3.0 @vitejs/plugin-react: ^4.3.1 => 4.3.1 aws-amplify: ^6.5.1 => 6.5.1 aws-amplify/adapter-core: undefined () aws-amplify/analytics: undefined () aws-amplify/analytics/kinesis: undefined () aws-amplify/analytics/kinesis-firehose: undefined () aws-amplify/analytics/personalize: undefined () aws-amplify/analytics/pinpoint: undefined () aws-amplify/api: undefined () aws-amplify/api/server: undefined () aws-amplify/auth: undefined () aws-amplify/auth/cognito: undefined () aws-amplify/auth/cognito/server: undefined () aws-amplify/auth/enable-oauth-listener: undefined () aws-amplify/auth/server: undefined () aws-amplify/data: undefined () aws-amplify/data/server: undefined () aws-amplify/datastore: undefined () aws-amplify/in-app-messaging: undefined () aws-amplify/in-app-messaging/pinpoint: undefined () aws-amplify/push-notifications: undefined () aws-amplify/push-notifications/pinpoint: undefined () aws-amplify/storage: undefined () aws-amplify/storage/s3: undefined () aws-amplify/storage/s3/server: undefined () aws-amplify/storage/server: undefined () aws-amplify/utils: undefined () eslint: ^9.8.0 => 9.9.0 eslint-plugin-react-hooks: ^5.1.0-rc.0 => 5.1.0-rc-fb9a90fa48-20240614 eslint-plugin-react-refresh: ^0.4.9 => 0.4.9 globals: ^15.9.0 => 15.9.0 (11.12.0, 14.0.0) isomorphic-dompurify: ^2.14.0 => 2.14.0 marked: ^14.0.0 => 14.0.0 react: ^18.3.1 => 18.3.1 react-dom: ^18.3.1 => 18.3.1 react-favicon: ^2.0.7 => 2.0.7 react-hook-form: ^7.52.2 => 7.52.2 react-router-dom: ^6.25.1 => 6.26.0 typescript: ^5.5.3 => 5.5.4 typescript-eslint: ^8.0.0 => 8.1.0 vite: ^5.4.0 => 5.4.0 web-vitals: ^4.2.3 => 4.2.3 zod: ^3.23.8 => 3.23.8 npmGlobalPackages: aws-cdk: 2.150.0 corepack: 0.22.0 firebase-tools: 13.4.0 npm: 10.2.3 pino-pretty: 11.0.0 pnpm: 8.15.5 semver: 7.6.3 typescript: 5.3.3 ```

Describe the bug

preferred_username should not be a Required attribute IF it cant be set during user sign up flow.

Expected behavior

preferred_username should not be required field. if it is - it should be settable during signup.

image 
const user = await signUp({
      username:email,
      password,
      options: {
        userAttributes: {
          name: fullName,
          phone_number: formatPhoneNumber(phoneNumber),
          email,
          preferred_username: username,
          updated_at: Date.now().toString(),
        },
      },
    });

the above code gives this error:

image

Reproduction steps

Create a userpool with preferred_username as required field and then try to create a user.

If this is system limitation then userpool creation should fail if preferred_username is set as required field.

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

cwomack commented 2 months ago

Hello, @daskabe is your preferred username set up as required and as an alias? Per the Cognito docs here, it can be one but not both.

israx commented 2 months ago

Hello @daskabe. This seems to be a Cognito bug. You are right, the creation of the userpool should fail when preferred_username is selected as a required attribute.

You would need to create another userpool without the preferred_username as a require attribute and then call the updateUserAttribute API upon authentication and add a preferred_username

daskabe commented 2 months ago

thats what i ended up doing to move forward with my development - created another userpool - But now my users cant sign in using their username. Currently just using email. I didn't bather setting preferred_username ; instead i saved the username to custom:username attribute during signup to hopefully validate that somehow during sign up.

And how/why is account confirmation status related to a preferred_username? preferred_username is just attribute and does not need confirmation.

This is what i would want to see. 1) if user has all 3 selected in the following image, then preferred_username should be settable field during sign up

2) dont call it User name as its confusing; call it userHandle
because if you ask frontend engineer, username can be : email || phone || userHandle(eg elonMusk)

4) the signUp(...) function should just take object of attributes(some of which can be required based on user pool configuration), So no username, password and options.userAttributes fields. Because right now i am confused what username:{email} is actually accomplishing if my use case is: my users login using phone numbers. But if i just send an object with all required and custom attributes; congito should just work based on how its configured during creation.

3) this section is redundant

If you select only phone number and email, your user will be prompted to select one of the two sign-in options when they sign up.

Cognito signIn(...) process should parse and validate the provided username - (one of email || phone || userHandle) and then perform login action...no need to force user to select the preferred way. Imagine having your email as preferred way but then you lose your email...how do you login and change your preference? Ideally i should be able to login with all my 3 options anytime (the userPool is configured to accept all 3)

image

@israx

cwomack commented 1 month ago

@daskabe, closing this issue as it will be captured as a docs improvement in the above referenced amplify-docs issue. You can track the progress there, but I'll leave another comment on here once the updates are merged in. Thanks!