Open NealWalters opened 5 years ago
Inside aws-amplify
, when you trigger authenticateUser
you can provide a callback to for that occasion.
newPasswordRequired: function(userAttributes, requiredAttributes) {
// User was signed up by an admin and must provide new
// password and required attributes, if any, to complete
// authentication.
// the api doesn't accept this field back
delete userAttributes.email_verified;
delete userAttributes.phone_number_verified;
// store userAttributes on global variable
// sessionUserAttributes = userAttributes;
if (!new_password) {
// go to change password page
}
newUser.completeNewPasswordChallenge(new_password, userAttributes, {
onSuccess: result => {
return newUser.changePassword(password, new_password, function(
err,
result,
) {
if (err) {
console.log(err.message || JSON.stringify(err));
reject(err);
} else {
resolve(result);
}
});
},
onFailure: err => {
reject(err);
},
});
},
I didn't figure out how to do it using passport-cognito yet.
EDIT:
I'm still fighting with my NestJS integration, but from what I understand without NestJS you should be able to catch HTTP 412 error and redirect to change password page manually and if you supply newpassword
then it will be changed.
Here's relevant code from passport-cognito
:
var newPassword = req.body.newpassword;
if (newPassword) {
var attributesData = [];
requiredAttributes.map(function(att) {
attributesData[att] = req.body[att];
});
console.log("newPasswordRequired2 ", attributesData, requiredAttributes);
//Try to validate user
return cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this);
} else {
return self.fail({ message: options.badRequestMessage || 'New Password Required' }, 412);
}
When I added a new test user on Cognito, it's status is "FORCE_CHANGE_PASSWORD". I think, because of that, when I try to login, it's always failing.
I have the standard standard code but put in my two pages:
Based on what I read here: https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-identity-user-pools-javascript-example-authenticating-admin-created-user.html thought maybe something like the code below might work, but it hasn't yet:
I'm logging the URLS and post/parms as follows, so it looks the redirect is working to the login.html page only:
Is there some other error we can send back to the client on the AJAX call that tell us what the issue is, for example, that he needs to change his password? Is there any type of console.log I can do in the code above to help debug further?
Any idea where to find code to change the password in NodeJS? That would be outside of Passport correct?
Thanks, Neal