Amplify-js: user.completeNewPasswordChallenge is not a function

@goatandsheep hi can you confirm that the userFromLoginAttempt object should be a CognitoUser object?

More details

upon Auth.signIn(), I receive a cognito user object. Unfortunately both Auth.currentSession() and Auth.currentAuthenticatedUser() came up as error instead of returning the user, so I couldn't access the CognitoUser object. As a workaround, I stored the user temporarily in localStorage. However, Amplify did not recognize the object after the JSON had been parsed. In addition, my router was auth-protected and clears the store when the above two functions return errors.

Fix

I whitelisted the password change page to not be auth protected and put the value into my store

Suggestion

Provide a way to obtain the user object when the user is not yet confirmed other than signIn. Even if it's located in the error message. I don't even know if it's cached.

@goatandsheep When you get resolved from Auth.signIn() with that user object, you are not actually signed in because you need to complete the new password. So at that moment Auth.currentSession and Auth.currentAuthenticatedUser won't work because you are not signed in. You need to directly use that user object returned from Auth.signIn() to help you finish the login process.

@powerful23 right! However, the user object that comes back from Auth.signIn() includes a session object, so it's inconsistent for Auth.currentSession() to not return the same session object. I would suggest you return it there if possible

Same error..
e = TypeError: user.completeNewPasswordChallenge is not a function at eval (webpack:///./node_modules/@aws-amplify/auth/lib/Auth.js?:783:18) at new Promise () at AuthClass.completeNewPassword (webpack:///./node_modules/@aws-amplify/auth/lib/Auth.js?:782:16) at HTMLButtonElement.SubmitVerifyUserButton.addEventListener (webpack:///./src/app.js?:110:58)

CognitoUser {username: "fooUser", pool: CognitoUserPool, Session: "ysigtMhHzzzWchNgzYZnvfQg2cbWEjKFr6wR1lf1VA…Gl5Ua9XZphoX21tzCchHYxKzzdl_9hbihiQTzfHEy8_nrzs", client: Client, signInUserSession: null, …}

Code

aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].signIn(userNameField.value, passwordField.value)
.then(user => {
console.log(user);
MessagesDiv.innerHTML = "Sign in success";
if(user.challengeName === "NEW_PASSWORD_REQUIRED"){
aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].completeNewPassword(VerifyUser.value, 'NewPassword2018')
.then(() => {
MessagesDiv.innerHTML = "Sign in success. Password updated";
console.log('Password updated');

        })
        .catch(e => {
            MessagesDiv.innerHTML = "failed with error" + e;
            console.log('failed with error', e);
        });
    }

you're missing a lot in your workflow. Here let me help you out:

aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].signIn(userNameField.value, passwordField.value)
  .then(user => {
    console.log(user);
    MessagesDiv.innerHTML = "Sign in success";
    if (user.challengeName === "SMS_MFA" || user.challengeName === "SOFTWARE_TOKEN_MFA") {
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].confirmSignUp(/* TODO */)
    } else if(user.challengeName === "NEW_PASSWORD_REQUIRED"){
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].completeNewPassword( VerifyUser.value, 'NewPassword2018')
        .then(() => {
          MessagesDiv.innerHTML = "Sign in success. Password updated";
          console.log('Password updated');
        })
        .catch(e => {
            MessagesDiv.innerHTML = "failed with error" + e;
            console.log('failed with error', e);
        });
    } else if (typeof user.challengeName !== 'undefined') {
      console.error(user.challengeName)
    }
    function checkUser(user) {
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].verifiedContact(user)
        .then((data) => {
          console.log("verification result", data);
          if (Object.keys(data.verified).length > 0) {
            console.log("Successful login")
          } else {
            aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].verifyContact(/* TODO */)
          }
        }
    }
    checkUser(user)

Thank you for the help. I have few additional questions. 1. I am stepping through the code and see that the user.challengeName === "NEW_PASSWORD_REQUIRED" is true. The user status in cognito is FORCE_CHANGE_PASSWORD. So, the completeNewPassword is called but returns error *TypeError: user.completeNewPasswordChallenge is not a function at eval *. Although, the workflow steps you mention will have to be included in the production code, I have made MFA option turned off in the user pool configuration to keep things simple. I will try the code you have posted, turn MFA on and see if it resolves the error. I appreciate your help.

How are you calling Auth.completeNewPassword? Put the line here. It must have the following params:

1. The user object directly from Auth.signIn
2. The user's new password
3. An object containing additional settings ( use {} if you don't have any)

Thank you. Your response helped in identifying my mistake. The user object passed to Auth.completeNewPassword was different from the one returned by signin method so it was failing. After changing to use the object returned by signin it works correctly. Confirmed in cognito console that the status of user does change correctly.

Anyone can confirm that the user object returned from signIn can be stored in the session storage via JSON.parse()?
When the user sign in at the first time, I redirect the page to the change password one, however when I use the stored user object to call the completeNewPassword() it always says the error as user.completeNewPasswordChallenge is not a function

I tried this (long story above - sessionstorage stores the same format as localstorage) and the object wasn't recognized properly. It needs to be a CognitoUser object. You're going to have to figure out how to pass it directly or put it in a 3rd party store like Redux or even Amplify Cache

Thanks mate. I finally use the BehaviourSubject to store the user (this project is based on Angular). In case the user refreshed the page then I'll take it as session expired and redirect the user to the login page. Not perfect, but should be able to satisfy the PO

this happened yesterday since we were using Immutable in redux reducers, which created a clone of the user object. If you are doing the same, please be aware and pass the user object directly.

So this problem troubled me for some time. Amplify Cache didn't seem to work and caching username and password is a bad idea, however my work around was just include the username and password in the Require-New-Password form, so I have 4 inputs instead of just newPassword & confirmPassword which now is username, oldPassword, newPassword, and confirmPassword.

Good luck!

You can simply use the predefined amplify method like below.
const currentUser = await Auth.currentAuthenticatedUser();

const currentUser = await Auth.currentAuthenticatedUser();

how does this solve "TypeError: user.completeNewPasswordChallenge is not a function"??

Thank you. Your response helped in identifying my mistake. The user object passed to Auth.completeNewPassword was different from the one returned by signin method so it was failing. After changing to use the object returned by signin it works correctly. Confirmed in cognito console that the status of user does change correctly.

Would you please provide the working example for the rest of us?

@mikeRChambers610 you have to pass the object returned by Auth.signIn() instead of a username string. There isn't anything in the session yet, so @nikhilknoldus suggestion will not work

Here's an example using React: https://gist.github.com/davekiss/9af08fde4ce2d40e306a35028583d6e5