Auth.signIn request at the same time generate same jwt token with different accounts

[leleofg]

Describe the bug When submit two request to method await Auth.signIn(username, password) at the same time with different accounts, the method generate the same token (signInUserSession.accessToken.jwtToken);

To Reproduce Steps to reproduce the behavior:

1. Use the method await Auth.signIn(username, password)
2. Make two requests with different accounts at exactly the same time
3. get the function's return and go to: signInUserSession.accessToken.jwtToken
4. and you will see that the generated token is the same for different accounts

[mlaguardia]

I have the same problem, like you.

[Cardoso222]

Up! Exactly the same issue here.

[sammartinez]

@leleofg can you provide your package.json along with your environment settings?

Please use the follow command:

npx envinfo --system --binaries --browsers --npmPackages --npmGlobalPackages

Thanks ahead of time!

[leleofg]

Thanks for answering @sammartinez . Below my env:

System: OS: Linux 5.4 Ubuntu 20.04.1 LTS (Focal Fossa) CPU: (4) x64 Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Memory: 4.30 GB / 15.54 GB Container: Yes Shell: 5.0.17 - /bin/bash Binaries: Node: 12.18.3 - ~/.nvm/versions/node/v12.18.3/bin/node npm: 6.14.6 - ~/.nvm/versions/node/v12.18.3/bin/npm Browsers: Chrome: 86.0.4240.198 Firefox: 82.0.3 npmPackages: @sendgrid/mail: ^7.4.0 => 7.4.0 @sentry/node: ^5.27.3 => 5.27.3 @types/cors: ^2.8.8 => 2.8.8 @types/dotenv: ^8.2.0 => 8.2.0 @types/express: ^4.17.7 => 4.17.8 @types/express-useragent: ^1.0.0 => 1.0.0 @types/ip: ^1.1.0 => 1.1.0 @types/jest: ^26.0.15 => 26.0.15 @types/jsonwebtoken: ^8.5.0 => 8.5.0 @types/jwk-to-pem: ^2.0.0 => 2.0.0 @types/morgan: ^1.9.2 => 1.9.2 @types/multer: ^1.4.4 => 1.4.4 @types/node: ^14.14.7 => 14.14.7 @types/pg: ^7.14.6 => 7.14.6 @types/supertest: ^2.0.10 => 2.0.10 @types/uuid: ^8.3.0 => 8.3.0 @typescript-eslint/eslint-plugin: ^3.10.1 => 3.10.1 @typescript-eslint/parser: ^3.10.1 => 3.10.1 aws-amplify: ^3.3.8-unstable.3 => 3.3.8-unstable.3 aws-sdk: ^2.789.0 => 2.789.0 axios: ^0.20.0 => 0.20.0 cors: ^2.8.5 => 2.8.5 dotenv: ^8.2.0 => 8.2.0 eslint: ^7.13.0 => 7.13.0 eslint-config-prettier: ^6.15.0 => 6.15.0 eslint-plugin-prettier: ^3.1.4 => 3.1.4 express: ^4.17.1 => 4.17.1 express-useragent: ^1.0.15 => 1.0.15 fuzzy-matching: ^0.4.3 => 0.4.3 generate-password: ^1.5.1 => 1.5.1 ip: ^1.1.5 => 1.1.5 jest: ^26.6.3 => 26.6.3 joi: ^17.3.0 => 17.3.0 jsonwebtoken: ^8.5.1 => 8.5.1 jwk-to-pem: ^2.0.4 => 2.0.4 knex: ^0.21.12 => 0.21.12 morgan: ^1.10.0 => 1.10.0 multer: ^1.4.2 => 1.4.2 mysql: ^2.18.1 => 2.18.1 node-fetch: ^2.6.0 => 2.6.1 node-phpass-leo: ^1.0.0 => 1.0.0 pg: ^8.5.0 => 8.5.0 prettier: ^2.1.2 => 2.1.2 supertest: ^4.0.2 => 4.0.2 ts-jest: ^26.4.4 => 26.4.4 ts-node-dev: ^1.0.0 => 1.0.0 typescript: ^4.0.5 => 4.0.5 uuid: ^8.3.1 => 8.3.1 npmGlobalPackages: @aws-amplify/cli: 4.29.4 knex: 0.21.5 n: 6.7.0 npm: 6.14.6 ts-node: 8.10.2 typescript: 3.9.7

[ericclemmons]

I was able to reproduce this behavior, which definitely appears to be a race-condition:

• Signing in separately returns different tokens (e.g. even a second or two apart).
• Signing in simultaneously returns the same jwtToken:

https://codesandbox.io/s/aws-amplifyamplify-jsissues7161-m1ps0?file=/src/App.js

So we can help prioritize this issue, can you provide some detail on why two separate user accounts are being signed in simultaneously? Thanks!

[github-actions[bot]]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.