israx / hello-world

0 stars 0 forks source link

issue with device management #32

Open israx opened 1 month ago

israx commented 1 month ago

Before opening, please confirm:

JavaScript Framework

React

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

No response

Backend

None

Environment information

``` npx envinfo --system --binaries --browsers --npmPackages "{amazon-cognito-identity-js,aws-sdk,react,react-dom}" ```

Describe the bug

Hi,

I'm trying to understand if this is a bug or if the "Remember my device" feature is not supported with the amazon-cognito-identity-js library.

After implementing the "Remember my device" logic following MFA, I can see that my device is marked as "Remembered" in the "Device tracking log" section on the AWS platform.

However, the issue arises when I log out and attempt to log in again. I'm required to complete MFA once more, even though I expected the user.authenticateUser function to skip the MFA step because the device was remembered.

Here’s the code snippet I’m using to authenticate the user:

const authenticate = async (Username, Password) => {
  return new Promise((resolve, reject) => {
    const user = new CognitoUser({ Username, Pool });

    const authDetailsOptions = {
      Username,
      Password,
    };
    const deviceKey = localStorage.getItem(localStorageDeviceKey);
    if (deviceKey) {
      authDetailsOptions.AuthParameters = {
        DEVICE_KEY: deviceKey,
      };
    }
    // getCachedDeviceKeyAndPassword
    const authDetails = new AuthenticationDetails(authDetailsOptions);
    currentUser = user;
    user.authenticateUser(authDetails, authCB(resolve, reject));
  });
};

Despite setting the DEVICE_KEY parameter, I'm still prompted to complete MFA upon logging back in. I expected the user.authenticateUser function to recognize the device and bypass the MFA step if the device is remembered.

We have a large application with a significant amount of code that relies on the amazon-cognito-identity-js library, and we prefer not to switch to the aws-amplify library at this time.

Thank you!

Expected behavior

After the initial login with MFA and selecting the "Remember my device" option, I expect that when I log in again using the same device, the MFA step will be skipped. The user.authenticateUser function should recognize the device (using the DEVICE_KEY stored in localStorage) and proceed with authentication without prompting for MFA, as the device is marked as remembered in the AWS Cognito "Device tracking log."

Reproduction steps

  1. Set up an AWS Cognito User Pool with MFA and device tracking enabled.
  2. Implement the "Remember my device" feature in the login flow using amazon-cognito-identity-js.
  3. Authenticate a user with MFA, ensuring the device is marked as remembered (as seen in the AWS "Device tracking log").
  4. Log out the user. 5.Attempt to log in again using the same credentials, with the DEVICE_KEY retrieved from localStorage and passed in the authentication details as shown in the code snippet provided earlier.
  5. Observe that the MFA step is still required, despite the device being remembered

Code Snippet

// Put your code below this line.

Log output

``` // Put your logs below this line ```

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

israx commented 1 month ago

Thank you for providing information about your issue with the "Remember my device" feature in AWS Amplify v6. To better assist you, I need some additional details:

  1. Can you share the specific code snippet you're using for the authentication process, including how you're handling the "Remember my device" option?

  2. Are you using the Amplify UI components for authentication, or are you implementing a custom UI?

  3. Have you confirmed that the "Remember my device" setting is properly enabled in your Cognito User Pool configuration?

  4. After selecting "Remember my device" during login, are you seeing any specific error messages or unexpected behavior when attempting to log in again?

These details will help me understand your implementation and the exact behavior you're experiencing, allowing me to provide a more accurate and helpful response.