aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0

Getting Error "There is already a signed in user" when trying to log in user who's already signed in #13813

Closed alaahafez20 closed 2 weeks ago

alaahafez20 commented 1 month ago

JavaScript Framework

Next.js

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

None

Environment information


Describe the bug

In version 5, we could log a user in even if they were already signed in. However, in version 6, we're getting an error that prevents this. Is there a way to log a user in without requiring them to log out first?

Expected behavior

Expect to log a user in who's already signed in

Reproduction steps

image

Code Snippet

// Put your code below this line.

Log output

``` // Put your logs below this line ```

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

cwomack commented 1 month ago

Hello, @alaahafez20 and thanks for opening this issue. This is expected behavior in v6 of Amplify when trying to log the currently signed-in user. Can you share a little more about what you're trying to do by logging the user in v6? Would the fetchAuthSession() API help accomplish this (docs link)?

hackerdud3 commented 1 month ago

Hello, @alaahafez20

In v5 we have Auth.currentAuthenticatedUser() to get the authenticated user.

In v6 we have the getCurrentUser() API to get the authenticated user. You can then destructure userId, username and signInDetails. If you are only trying to check if the user is authenticated, you can also use the fetchAuthSession() API.

Example snippet:

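```
import { getCurrentUser } from 'aws-amplify/auth';

// Look up the currently signed-in user; getCurrentUser() rejects when nobody is signed in.
async function currentAuthenticatedUser() {
  try {
    const { username, userId, signInDetails } = await getCurrentUser();
    console.log(`The username: ${username}`);
    console.log(`The userId: ${userId}`);
    // signInDetails is an object, so serialize it instead of interpolating it directly.
    console.log(`The signInDetails: ${JSON.stringify(signInDetails)}`);
  } catch (err) {
    console.log(err);
  }
}
```
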
alaahafez20 commented 1 month ago

@cwomack The fetchAuthSession function doesn't fulfill our requirements. We require the ability to log in the currently signed-in user under some conditions that differ from the initial sign-in process. Will this feature be available in version 6?

cwomack commented 1 month ago

@alaahafez20, I'm not quite sure what the use case/context here is when you say that you're trying to "log in the currently signed-in user". Can you clarify what the "conditions that differ from the initial sign-in process" means?

Are you looking to require a second sign-in before completing some type of CRUD operation or action from a user? Do you have any sample code from v5 where this was being done? Thanks.

alaahafez20 commented 1 month ago

@cwomack, We have implemented a two-tier authentication system for users: "limited" and "unlimited." Currently, before sign-in, we send a request to our database to update the user's state (e.g., to "limited"). During the Cognito Lambda function execution, we retrieve the user's data from our database. Based on this data, we either log the user in immediately if their status is "limited" or initiate an OTP process if their status is "unlimited." Additionally, there is a requirement for users to be able to upgrade from a "limited" session to an "unlimited" session without needing to log out.

cwomack commented 1 month ago

@alaahafez20, appreciate the response and additional context here. It sounds like this is essentially a workaround for getting a mid-session MFA/OTP request for users that are already signed in (as captured in issues #6676 and #11447), which is something that isn't supported by Cognito at this point.

It seems like this is not only a feature request (which I'll update the issue to), but also a version parity difference between v5 and v6 of Amplify. To be clear, it's not something that we documented support for in v5. Nonetheless, if it worked in v5 and doesn't in v6... we'll review it internally as a feature request similar to the aforementioned "ad-hoc MFA request" issues.

After digging into this further, it also seems that since you've already set up your Cognito lambdas tied to the Auth flow to handle the user's state that is stored in the database... you might be able to do the following to achieve this in v6:

  1. Add additional client-side logic to capture the exception when the signIn() API is called and you get the "There is already a signed in user" error.
  2. When this happens, call the signOut() API for that user.
  3. Call the signIn() API again (essentially restarting the auth flow and user session).

This will not only cause the OTP requirement to pop up again I believe, but also ensure that the refresh token from the previous session is revoked as well. Can you see if this works for your use case?
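
The three-step workaround described in the comment above, as an added example that is not from Amplify or from any commenter in this thread. `signInFresh`, `isAlreadySignedIn` and `makeFakeAuth` are hypothetical names; the `auth` argument stands in for the `signIn`/`signOut` exports of `aws-amplify/auth`, and matching on the error name `UserAlreadyAuthenticatedException` is an assumption (the message text is the one quoted in this issue).

```javascript
// Added example, not Amplify code. In an app, pass the real functions:
//   import { signIn, signOut } from 'aws-amplify/auth';
//   signInFresh({ signIn, signOut }, { username, password });

// Assumption: v6 reports the condition with this error name; the message
// text is the one quoted in this issue and is matched as a fallback.
function isAlreadySignedIn(err) {
  return Boolean(err) && (
    err.name === 'UserAlreadyAuthenticatedException' ||
    /already a signed in user/i.test(String(err.message))
  );
}

// Steps 1-3: catch the specific error, sign out, retry signIn exactly once.
async function signInFresh(auth, credentials) {
  try {
    return await auth.signIn(credentials);
  } catch (err) {
    if (!isAlreadySignedIn(err)) throw err; // e.g. bad password: never retried
    await auth.signOut();                   // old session ends here
    return auth.signIn(credentials);        // caller handles nextStep (OTP etc.)
  }
}

// Constructed in-memory stand-in for the auth module, for offline runs.
function makeFakeAuth(validPassword) {
  const fail = (name, message) => Object.assign(new Error(message), { name });
  const state = { session: null, calls: [] };
  return {
    state,
    async signIn({ username, password }) {
      state.calls.push('signIn');
      if (state.session) {
        throw fail('UserAlreadyAuthenticatedException',
          'There is already a signed in user.');
      }
      if (password !== validPassword) {
        throw fail('NotAuthorizedException', 'Incorrect username or password.');
      }
      state.session = { username };
      return { isSignedIn: true, nextStep: { signInStep: 'DONE' } };
    },
    async signOut() {
      state.calls.push('signOut');
      state.session = null;
    },
  };
}
```

Because the old session is ended before the new credentials are verified, a failed retry leaves the user signed out; the caller should route that case to the normal sign-in screen.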

cwomack commented 2 weeks ago

Closing this issue as a duplicate of the aforementioned #6676 and #11447. Please follow those issues for updates on progress for this feature request, and feel free to upvote/comment on those issues as well to help them gain traction.

Thank you!

Steven-sdx commented 2 weeks ago

This doesn't seem like the same issue as 6676 and 11447 - we also have this issue intermittently and it's for a regular credential auth with no MFA. The solution is to handle the error, signOut and then signIn? Seems like a workaround for something broken with v6, no?