Forgot password link from aws cognito

I started exploring AWS Cognito for my dummy iOS application, although I am getting a confirmation link in email during new user signup, and clicking on it verifies the email correctly.

Do we have the same functionality for forgot password, i.e. getting a link instead of codes and redirecting to my dummy website, where the only thing the user needs to do is enter the new password?

Thanks in advance.

Raj asked Oct 31 '17 05:10



2 Answers

It's possible; I have achieved this in my project.

It's done via triggers in AWS Cognito.

In the Custom message trigger, set the Lambda function you want to trigger.

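exports.handler = (event, context, callback) => {

    // event.request.codeParameter is the placeholder that Cognito replaces with
    // the real code when it sends the mail, so it goes into the link unchanged.
    // The user name is percent-encoded so that characters such as "+" or "&"
    // survive in the query string.
    const userName = encodeURIComponent(event.userName);

    const CustomMessage_ForgotPassword = `<style>
        p {
        display: block;
        margin-block-start: 1em;
        margin-block-end: 1em;
        margin-inline-start: 0px;
        margin-inline-end: 0px;
        }
        </style>

        <div id=":x9" class="a3s aXjCH " role="gridcell" tabindex="-1"><p>Hello,</p>
        <p>Follow this link to reset your Password. </p>
        <p><a href="https://your-website.com/reset-password?confirmation_code=${event.request.codeParameter}&user_name=${userName}"> Reset Password </a></p>
        <p>If you didn’t ask to change password, you can ignore this email.</p>
        <p>Thanks,</p>
        <p>Your website team</p>
        </div>`;

    // Only replace the message for the forgot-password flow; every other
    // trigger source keeps the pool's default message.
    if (event.triggerSource === "CustomMessage_ForgotPassword") {
        event.response.emailMessage = CustomMessage_ForgotPassword;
    }

    // Hand the (possibly modified) event back to Cognito.
    callback(null, event);
};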

Then, on your website, make a route which will handle this code.

Mayur Shingare answered Sep 21 '22 19:09


Yes. You can make a call to the ForgotPassword endpoint:

{
   "AnalyticsMetadata": { 
      "AnalyticsEndpointId": "string"
   },
   "ClientId": "string",
   "SecretHash": "string",
   "Username": "string"
}

You then need to make a call (from your website code) to the ConfirmForgotPassword endpoint to reset the password:

{
   "AnalyticsMetadata": { 
      "AnalyticsEndpointId": "string"
   },
   "ClientId": "string",
   "ConfirmationCode": "string",
   "Password": "string",
   "SecretHash": "string",
   "Username": "string"
}

Derek Brown answered Sep 18 '22 19:09
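
The website route that both answers leave to the reader, as an added example (not code from either answer): it takes the link built by the Custom message trigger and produces the ConfirmForgotPassword body shown in the second answer. `secretHash`, `buildConfirmRequest` and the `client` object are hypothetical names, the six-digit code format is assumed to be the pool default, and the sample link, client id and secret are constructed.

```javascript
const crypto = require('crypto');

// SecretHash as Cognito defines it for app clients that have a secret:
// Base64(HMAC-SHA256(key = client secret, message = Username + ClientId)).
function secretHash(username, clientId, clientSecret) {
  return crypto.createHmac('sha256', clientSecret)
    .update(username + clientId)
    .digest('base64');
}

// Turn the e-mailed reset link plus the user's new password into a
// ConfirmForgotPassword request body. Throws on malformed input so that
// nothing unvalidated is forwarded to Cognito.
function buildConfirmRequest(resetUrl, newPassword, client) {
  const params = new URL(resetUrl).searchParams; // values are percent-decoded
  const code = params.get('confirmation_code') || '';
  const username = params.get('user_name') || '';

  // Assumption: the pool sends its default six-digit numeric code.
  if (!/^\d{6}$/.test(code)) throw new Error('invalid confirmation code');
  // Assumption: Username is limited to 1..128 characters by the API.
  if (username.length === 0 || username.length > 128) {
    throw new Error('invalid user name');
  }
  if (typeof newPassword !== 'string' || newPassword.length === 0) {
    throw new Error('missing password');
  }

  const body = {
    ClientId: client.id,
    ConfirmationCode: code,
    Password: newPassword,
    Username: username,
  };
  // Only app clients created with a secret send SecretHash.
  if (client.secret) {
    body.SecretHash = secretHash(username, client.id, client.secret);
  }
  return body;
}

// Constructed sample values, not real identifiers.
const client = { id: 'example-client-id', secret: 'example-client-secret' };
const link = 'https://your-website.com/reset-password' +
  '?confirmation_code=123456&user_name=raj%2Btest%40example.com';
console.log(buildConfirmRequest(link, 'N3w-Passw0rd!', client));
```

Call it from the POST handler of the reset page so the new password travels in the request body rather than in the URL. A link whose user_name was not percent-encoded decodes `raj+test@example.com` as `raj test@example.com`, which is why the value has to be encoded when the e-mail is built.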