Tested these changes with our app and it worked fine.
Currently there is only one way to get into a problematic state by having a verified phone number, then enabling MFA and later changing phone_number attribute and not verifying it but in my opinion this should be solved by the developer unsing this library. I added the information to the documentation though to be careful at this step.
PR for https://github.com/furaiev/amazon-cognito-identity-dart-2/issues/223
Tested these changes with our app and it worked fine.
Currently there is only one way to get into a problematic state by having a verified phone number, then enabling MFA and later changing phone_number attribute and not verifying it but in my opinion this should be solved by the developer unsing this library. I added the information to the documentation though to be careful at this step.