ellaisys / aws-cognito

AWS Cognito package (with MFA Feature) using the AWS SDK for PHP/Laravel
https://ellaisys.github.io/aws-cognito/
MIT License

API Registration/Login flow #18

Closed marjangvg closed 3 years ago

marjangvg commented 3 years ago

Hello,

Thank you for the great package! :)

I'm using it with laravel 8 app, for developing an API.

  1. Registration works ok, user is added to Pool
  2. When logging in, the API returns
     {
         "status": "error",
         "message": {
             "session_token": "SESSION_TOKEN_HERE",
             "username": "USERNAME",
             "status": "NEW_PASSWORD_REQUIRED"
         }
     }

Then, if I try to call the user profile API endpoint (or any other API endpoint) using the session_token from above, I'm getting this error:

{
    "error": "UNAUTHORIZED_REQUEST",
    "exception": "InvalidTokenException"
}

The API endpoints use the 'aws-cognito' middleware. Any ideas how to fix this? I also tried setting 'force_password_change_api' in the cognito.php config file to false, but it still adds the new users with Enabled / FORCE_CHANGE_PASSWORD status.

Thanks

megastruktur commented 2 years ago

I've faced the same issue. So I will describe the required steps for those who come here for a solution:

  1. Add this to your .env
    AWS_COGNITO_FORCE_PASSWORD_CHANGE_API=false
    AWS_COGNITO_FORCE_PASSWORD_AUTO_UPDATE_API=true
  2. The "FORCE_CHANGE_PASSWORD" is changed to "CONFIRMED" automatically when you first use the attemptLogin functionality (api or web). Pass is updated if the above variables are set and the status is changed.

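
For readers who want to see what the NEW_PASSWORD_REQUIRED step looks like at the Cognito API level: the "session_token" in the login response is a challenge session, not a JWT, so the 'aws-cognito' middleware is right to reject it as a bearer token. The added example below is not code from the ellaisys/aws-cognito package; it uses the AWS SDK for PHP directly to exchange that session plus a new password for real tokens, and assumes hypothetical env vars COGNITO_REGION, COGNITO_CLIENT_ID and COGNITO_CLIENT_SECRET plus the constructed sample values at the bottom.

```php
<?php
// Added example (not the package's own code): complete a NEW_PASSWORD_REQUIRED
// challenge with the raw AWS SDK for PHP and obtain JWTs usable as Bearer tokens.
require __DIR__ . '/vendor/autoload.php';

use Aws\CognitoIdentityProvider\CognitoIdentityProviderClient;

// SECRET_HASH = base64(HMAC-SHA256(username . clientId, clientSecret)).
// Required whenever the app client was created with a client secret.
function secretHash(string $username, string $clientId, string $clientSecret): string
{
    return base64_encode(hash_hmac('sha256', $username . $clientId, $clientSecret, true));
}

/**
 * Exchange the challenge session ("session_token" in the login response) and the
 * user's new password for tokens. Returns AuthenticationResult (AccessToken,
 * IdToken, RefreshToken); throws if Cognito chains another challenge (e.g. MFA).
 */
function completeNewPasswordChallenge(
    CognitoIdentityProviderClient $client,
    string $clientId,
    string $clientSecret,
    string $username,
    string $session,
    string $newPassword
): array {
    $result = $client->respondToAuthChallenge([
        'ClientId'           => $clientId,
        'ChallengeName'      => 'NEW_PASSWORD_REQUIRED',
        'Session'            => $session,
        'ChallengeResponses' => [
            'USERNAME'     => $username,
            'NEW_PASSWORD' => $newPassword,
            'SECRET_HASH'  => secretHash($username, $clientId, $clientSecret),
        ],
    ]);
    if (empty($result['AuthenticationResult'])) {
        // Only an AuthenticationResult means authentication actually finished.
        throw new RuntimeException('Further challenge required: ' . ($result['ChallengeName'] ?? 'unknown'));
    }
    return $result['AuthenticationResult'];
}

// Constructed sample usage; the session value comes from the earlier login response.
$client = new CognitoIdentityProviderClient(['region' => getenv('COGNITO_REGION'), 'version' => 'latest']);
$tokens = completeNewPasswordChallenge($client, getenv('COGNITO_CLIENT_ID'), getenv('COGNITO_CLIENT_SECRET'),
    'USERNAME', 'SESSION_TOKEN_HERE', 'NewStr0ng!Passw0rd');
// Send "Authorization: Bearer {$tokens['AccessToken']}" to endpoints behind the middleware.
```

The challenge session is short-lived, so the password change must be completed promptly after login; if the user pool requires additional attributes, the ChallengeResponses array also needs the corresponding userAttributes.* entries.
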
MielPoule commented 2 years ago

Hi! Yes I use JWT token with Bearer header.

On Mon., Feb. 28, 2022, at 9:14 PM, Jerven Clark Chua <@.***> wrote:

Hi, how do you use the session_token in a request? Is it like JWT where you add an Authorization: Bearer header?
