Closed CameronGuitard closed 2 years ago
I have discovered that the issue lies within my login workflow. Since to attempt to verify the code after the initial MFA required callback, the same login workflow was called including the authenticateUser call which sends a new code to the users phone, making the code they entered properly incorrect. The TOTP workflow still worked since the timer/code is independent from the authenticateUser call.
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.
Looking for a help forum? We recommend joining the Amplify Community Discord server *-help
channels or Discussions for those types of questions.
Before opening, please confirm:
JavaScript Framework
Next.js
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
Describe the bug
The sendMFACode function with the "SMS_MFA" mfaType is failing with a codeMissmatch exception and a new code is sent to their phone. The users phone number is verified and the accounts have SMS_MFA enabled. I have triple checked that the code getting sent with the sendMFACode function matches the one received in the text. This same workflow works for the "SOFTWARE_TOKEN_MFA"mfaType.
This is using the
amazon-cognito-identity-js
packageExpected behavior
When the user enters the code sent to their phone, the sendMFACode calls the "onSuccess" callback
Reproduction steps
Add a phone number to a user that is logged in Verify phone number and enable SMS_MFA to account Signout Attempt to login mfaRequired callback is hit, code is sent to use, and app allows user to enter phone code user enters the code that was sent to them sendMFACode fails with CodeMismatchException
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response