search

ellaisys / aws-cognito

AWS Cognito package (with MFA Feature) using the AWS SDK for PHP/Laravel
https://ellaisys.github.io/aws-cognito/
MIT License
110 stars 41 forks source link

FORCE PASSWORD CHANGE Not working #55

Closed ozgurkuru closed 1 year ago

ozgurkuru commented 1 year ago

Hi,

I set environment like ; AWS_COGNITO_FORCE_PASSWORD_CHANGE_API=false AWS_COGNITO_FORCE_PASSWORD_AUTO_UPDATE_API=true

but Cognito still set user status as Force change password.

amitdhongde commented 1 year ago

Hey @ozgurkuru,

Cognito will always set a new user for "Force Password Change". This configuration was intended for Laravel Restful APIs as forcing a change password is difficult from APIs.

Some implementations use these Restful APIs provided by this Laravel package and consume it into WordPress or other 3rd party solutions to login. Works like SSO. It is difficult to force a change password in such cases. That is when this configuration comes in handy.

It does not work with laravel web applications, as you have control on the views/pages.

amitdhongde commented 1 year ago

Can you share your use case?

ozgurkuru commented 1 year ago

@amitdhongde thanks for your reply. I use it for web application thanks. I will change our product work style.