Allow NEW_PASSWORD_REQUIRED challenge completion.

[ncb000gt]

Cognito allows users to be created via an admin user. The new user gets a temporary password and is expected to change that password via a challenge response. This allows that flow by making use of some existing code.

Signed-off-by: Nick Campbell nicholas.j.campbell@gmail.com

[ncb000gt]

As I looked through more of the code, it seemed like there may be other places that could use the common function than just the two for which I impl it. I can go through and make the others use that if you'd like before landing this pr. Let me know.

[ncb000gt]

Bump.

[jonsaw]

Thanks for the PR @ncb000gt. I'll try to find some time this week to look into this. Been super busy on my end here -- sorry for the late responses.

[ncb000gt]

No worries. I know how it feels running a few open source projects myself. ;D

Thanks!

FWIW- This code is running in my Flutter app.

[aneeshjoshi]

@ncb000gt Any chance you can provide a sample example of how to use this? I'm having some trouble where when I call completeNewPasswordChallenge, it's being invoked with a null cognito user and null session.

My current flow is: 1) Call Login with username and password 2) When it throws an exception that a new password is needed, I ask the user for a new password and call this function. However it seems when I do this the UserService doesn't have the necessary session/user information.

[ncb000gt]

@aneeshjoshi I'm using this library in Flutter so YMMV.

I'm using this inside my mobile app. I attempt to login. If that fails, an exception is thrown and I catch that with:

} on CognitoUserNewPasswordRequiredException catch (e) {
  message = 'It looks like this is your first time logging in. You need to specify a new password.';
  ...

Then I render the "new password" form. I've held onto the CognitoUser() object I used to attempt the login in the first place and call:

  myCognitoUser.completeNewPasswordChallenge("MY new PASSWORD!");

At this point I just require that the user login again.

I do think your point above is relevant, re: if the user doesn't enter the right password conforming to whatever specifications you've laid out...but again, I'd expect that an exception would be thrown. I should probably verify that part somewhere. ;D

Does that help?

[aneeshjoshi]

That does help. I'm new to flutter and this lib, so I need to figure out how to maintain access to the cognito user. I had trouble where each rebuild of the widget was resetting my user service and underlying objects. Not sure what the idiomatic dart/flutter way to deal with this is. For now I'm trying to keep a user service as a static instance on MyApp level widget.

On Thu, Nov 15, 2018 at 5:36 PM Nick Campbell notifications@github.com wrote:

@aneeshjoshi https://github.com/aneeshjoshi I'm using this library in Flutter so YMMV.

I'm using this inside my mobile app. I attempt to login. If that fails, an exception is thrown and I catch that with:

} on CognitoUserNewPasswordRequiredException catch (e) { message = 'It looks like this is your first time logging in. You need to specify a new password.'; ...

Then I render the "new password" form. I've held onto the CognitoUser() object I used to attempt the login in the first place and call:

myCognitoUser.completeNewPasswordChallenge("MY new PASSWORD!");

At this point I just require that the user login again.

I do think your point above is relevant, re: if the user doesn't enter the right password conforming to whatever specifications you've laid out...but again, I'd expect that an exception would be thrown. I should probably verify that part somewhere. ;D

Does that help?

— You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub https://github.com/jonsaw/amazon-cognito-identity-dart/pull/22#issuecomment-439215587, or mute the thread https://github.com/notifications/unsubscribe-auth/ADEfayRg9u4rQiCPrAcpTg-a7yXULi4zks5uvexsgaJpZM4WqJYw .

[ncb000gt]

@aneeshjoshi Yea. I'm not entirely sure of the idiomatic dart/flutter approach, but the way I handled it was put a "service" layer that is a singleton inside the app. That maintains the CognitoUser state across the application. Then I have "listeners" that are notified of changes to auth state which will then return the user to the login screen. I settled on this approach, but I believe you could end up doing something similar or better using the BLoC approach in flutter. I just never got a chance to do that. Once the app is built and functional I'm expecting to rework a lot of parts of it. :)

[ncb000gt]

This PR is no longer "clean" since I inadvertently pushed changes up to my branch that @BerndWessels made to one of his PRs...I can recreate the original pr if you really want.

[tigrenok00]

@ncb000gt @jonsaw Hi guys, is this going to be available? We have the same scenario...

[ncb000gt]

@jonsaw ping.

[sumeet07]

Hello there, Changes look safe. Can we merge this to master?

[grahamsmart]

@jonsaw any chance of this being merged into master?

[furaiev]

Hi all here, I've copied this project in a separate package (because this one isn't supported anymore) https://pub.dev/packages/amazon_cognito_identity_dart_2 There are already fixes that were required by my project and NEW_PASSWORD_REQUIRED from maciejkozuch. Pls take a look at latest PR https://github.com/furaiev/amazon-cognito-identity-dart-2/pull/2 and welcome to contribute

[ncb000gt]

I know a bunch of people have commented here. I've just implemented and tested amazon_cognito_identity_dart_2 in my project and it's working largely as expected for my use case with this feature. The only gotcha is that the function name is different from the one I specified, it is sendNewPasswordRequiredAnswer.

Hope that helps anyone here who is still struggling with this and thanks to @jonsaw for all the initial work on this project. It was really helpful. Thanks to @furaiev for picking it up for the next phase.