Closed IgorPietraszko closed 2 years ago
Hi @IgorPietraszko,
Good afternnoon.
Thanks for posting guidance question. Similar question was posted few days back, refer https://github.com/aws/aws-sdk-net/issues/1984. I do not think there is a workaround to handle the said scenario for unconfirmed user. Please refer the communication in the said issue and see if it helps.
Thanks, Ashish
Thanks for the response.
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
you can check the user status by AdminGetUserAsync
and then forcefully set a password against the user if you want to change the password,
NOTE = AdminSetUserPasswordAsync
Summary:
Sets the specified user's password in a user pool as an administrator. Works
on any user.
The password can be temporary or permanent. If it is temporary, the user status enters the
FORCE_CHANGE_PASSWORD
state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth
response will contain the
NEW_PASSWORD_REQUIRED
challenge. If the user doesn't sign in before it expires, the user won't be able
to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user
status is set to
Confirmed
the following is using AWS SDK IAmazonCognitoIdentityProvider (AWSSDK.CognitoIdentityProvider)
var result = await _cognitoProviderClient.AdminGetUserAsync(new AdminGetUserRequest
{
Username = email,
UserPoolId = _appConfig.UserPoolId
});
if(result.UserStatus == UserStatusType.UNCONFIRMED)
{
var response = await _cognitoProviderClient.AdminSetUserPasswordAsync(new AdminSetUserPasswordRequest()
{
Username = email,
Password = GenerateRandowmPassword(),
Permanent = false,
UserPoolId = _appConfig.UserPoolId
});
// other logic
}
The Question
I have a use case for changing the password and name for an unconfirmed user.
In this case I would like to change their name and password (in case it is different) and resend the confirmation code. Since I don't know their previous password, I cannot use ChangePasswordAsync() to change their password.
I have attempted to call RemovePasswordAsync() with the idea of later calling AddPaswordAsync() with the new password but I get an Exception (System.NotSupportedException: Store does not implement IUserPasswordStore) when calling RemovePasswordAsync(). Is this due to the fact that I cannot change the password on an unconfirmed user? Is there a way to accomplish that?
The workaround I have is to call DeleteAsync() prior to calling CreateAsync() but that seems a bit heavy-handed to accomplish what I need.
Environment
This is a :question: general question