Menu
So in my app I obviously want to provide the means for users to reset their passwords. The issue I'm having though is that the new documentation for User Pools is pretty ambiguous on this topic. Here is what they tell you to do for a Forgot Password flow, and the link you may find it at:
cognitoUser.forgotPassword({ onSuccess: function (result) { console.log('call result: ' + result); }, onFailure: function(err) { alert(err); }, inputVerificationCode() { var verificationCode = prompt('Please input verification code ' ,''); var newPassword = prompt('Enter new password ' ,''); cognitoUser.confirmPassword(verificationCode, newPassword, this); } }); http://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-javascript-examples.html
However when I drop this code into my project where a cognitoUser is defined and signed in, nothing seems to happen. I understand I need to somehow integrate this code with sending a verification code to the user, and asking them for a new password, but can't find anything on how to do this. Thoughts?
Thanks
314
To change a Cognito user's password, use the admin-set-password command, setting the --permanent parameter. Copied! The admin-set-user-password command allows us to set a user's password as an administrator. We can set the user's password to a temporary or permanent one.
It is not possible to get a user password from AWS Cognito. Cognito just lets the user reset his password but it has got no API call to perform password retrieval and it's not meant to do that for security reasons.
2.1.Go to AWS Cognito service and click “Manage Identity Pools”. 2. Enter “Identity pool name”, expand the “Authentication providers” section and select “Cognito” tab. This is where the Cognito authentication provider will be registered with the Identity pool.
AWS' docs are terrible on this topic (Cognito). You basically need to setup cognitoUser, then call forgotPassword
export function resetPassword(username) { // const poolData = { UserPoolId: xxxx, ClientId: xxxx }; // userPool is const userPool = new AWSCognito.CognitoUserPool(poolData); // setup cognitoUser first cognitoUser = new AWSCognito.CognitoUser({ Username: username, Pool: userPool }); // call forgotPassword on cognitoUser cognitoUser.forgotPassword({ onSuccess: function(result) { console.log('call result: ' + result); }, onFailure: function(err) { alert(err); }, inputVerificationCode() { // this is optional, and likely won't be implemented as in AWS's example (i.e, prompt to get info) var verificationCode = prompt('Please input verification code ', ''); var newPassword = prompt('Enter new password ', ''); cognitoUser.confirmPassword(verificationCode, newPassword, this); } }); } // confirmPassword can be separately built out as follows... export function confirmPassword(username, verificationCode, newPassword) { cognitoUser = new AWSCognito.CognitoUser({ Username: username, Pool: userPool }); return new Promise((resolve, reject) => { cognitoUser.confirmPassword(verificationCode, newPassword, { onFailure(err) { reject(err); }, onSuccess() { resolve(); }, }); }); } Resetting the password with forgot password flow has two steps:
Use these two functions to perform the above steps and reset the password:
cognitoUser.forgotPassword(): This will start the forgot password process flow. The service generates a verification code and sends it to the user. The "data", returned through callback.inputVerificationCode(data), indicates where the verification code was sent.
cognitoUser.confirmPassword(): Use the delivered verification code with this function to set a new password.
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
