Amplify-js: How to resolve cognito user status: FORCE_CHANGE_PASSWORD

Created on 26 Nov 2017  路  2Comments  路  Source: aws-amplify/amplify-js

Hi,

https://github.com/aws/aws-amplify/blob/3ff3a8c696e478a2f0d4f01d17c8e83e82bd85c9/packages/aws-amplify/src/Auth/Auth.ts#L190-L196

This code is reached when the user has the status FORCE_CHANGE_PASSWORD i.e. after a new user was created in cognito (by the admin in the aws-webconsole, with a temporary password, because signup is not allowed for example).

In my old code I resolved this with a call on cognitoUser object: 

cognitoUser.completeNewPasswordChallenge(this.new_password, {email}, ctx);

You initialized the CognitoUser object around line 166, but did not add it to the resolved promise - any chance to get access on this or any suggestions how to solve the initial FORCE_CHANGE_PASSWORD state of the user?

Thanks

picture defel

Most helpful comment

Hi @defel , Thank you for pointing the issue out. We just made a fix, changed the resolve object. Here is the code snippet:

                mfaRequired: (challengeName, challengeParam) => {
                    logger.debug('signIn MFA required');
                    user['challengeName'] = challengeName;
                    user['challengeParam'] = challengeParam;
                    resolve(user);
                },
                newPasswordRequired: (userAttributes, requiredAttributes) => {
                    logger.debug('signIn new password');
                    user['challengeName'] = 'NEW_PASSWORD_REQUIRED';
                    user['challengeParam'] = {
                        userAttributes: userAttributes,
                        requiredAttributes: requiredAttributes
                    };
                    resolve(user);
                }

You'll need to hold this user object, collect new password, then call Auth.completeNewPassword(user, new_password, requiredAttributes) to complete the process.

Please pull the latest version. Let us know if any issues.

Thanks,
Richard

picture richardzcode on 27 Nov 2017
👍7 🎉2

All 2 comments

Hi @defel , Thank you for pointing the issue out. We just made a fix, changed the resolve object. Here is the code snippet:

                mfaRequired: (challengeName, challengeParam) => {
                    logger.debug('signIn MFA required');
                    user['challengeName'] = challengeName;
                    user['challengeParam'] = challengeParam;
                    resolve(user);
                },
                newPasswordRequired: (userAttributes, requiredAttributes) => {
                    logger.debug('signIn new password');
                    user['challengeName'] = 'NEW_PASSWORD_REQUIRED';
                    user['challengeParam'] = {
                        userAttributes: userAttributes,
                        requiredAttributes: requiredAttributes
                    };
                    resolve(user);
                }

You'll need to hold this user object, collect new password, then call Auth.completeNewPassword(user, new_password, requiredAttributes) to complete the process.

Please pull the latest version. Let us know if any issues.

Thanks,
Richard

richardzcode picture richardzcode on 27 Nov 2017
👍7 🎉2

thank you richard for your fast response, this works perfectly.

defel picture defel on 28 Nov 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

shinnapatthesix picture shinnapatthesix  路  3Comments
ldgarcia picture ldgarcia  路  3Comments
josoroma picture josoroma  路  3Comments
simon998yang picture simon998yang  路  3Comments
leantide picture leantide  路  3Comments