Amplify-js: Auth.signIn request at the same time generate same jwt token with different accounts

Created on 10 Nov 2020 · 5Comments · Source: aws-amplify/amplify-js

Describe the bug
When submit two request to method await Auth.signIn(username, password) at the same time with different accounts, the method generate the same token (signInUserSession.accessToken.jwtToken);

To Reproduce
Steps to reproduce the behavior:

Use the method await Auth.signIn(username, password)
Make two requests with different accounts at exactly the same time
get the function's return and go to: signInUserSession.accessToken.jwtToken
and you will see that the generated token is the same for different accounts

Auth to-be-reproduced

Source

leleofg

👍5

Most helpful comment

I was able to reproduce this behavior, which definitely appears to be a race-condition:

Signing in separately returns different tokens (e.g. even a second or two apart).
Signing in simultaneously returns the same jwtToken:

https://codesandbox.io/s/aws-amplifyamplify-jsissues7161-m1ps0?file=/src/App.js

So we can help prioritize this issue, can you provide some detail on why two separate user accounts are being signed in simultaneously? Thanks!

ericclemmons on 7 Dec 2020

👍5

All 5 comments

I have the same problem, like you.

mlaguardia on 10 Nov 2020

Up! Exactly the same issue here.

Cardoso222 on 11 Nov 2020

@leleofg can you provide your package.json along with your environment settings?

Please use the follow command:

npx envinfo --system --binaries --browsers --npmPackages --npmGlobalPackages

Thanks ahead of time!

sammartinez on 16 Nov 2020

Thanks for answering @sammartinez . Below my env:

System:
OS: Linux 5.4 Ubuntu 20.04.1 LTS (Focal Fossa)
CPU: (4) x64 Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Memory: 4.30 GB / 15.54 GB
Container: Yes
Shell: 5.0.17 - /bin/bash
Binaries:
Node: 12.18.3 - ~/.nvm/versions/node/v12.18.3/bin/node
npm: 6.14.6 - ~/.nvm/versions/node/v12.18.3/bin/npm
Browsers:
Chrome: 86.0.4240.198
Firefox: 82.0.3
npmPackages:
@sendgrid/mail: ^7.4.0 => 7.4.0
@sentry/node: ^5.27.3 => 5.27.3
@types/cors: ^2.8.8 => 2.8.8
@types/dotenv: ^8.2.0 => 8.2.0
@types/express: ^4.17.7 => 4.17.8
@types/express-useragent: ^1.0.0 => 1.0.0
@types/ip: ^1.1.0 => 1.1.0
@types/jest: ^26.0.15 => 26.0.15
@types/jsonwebtoken: ^8.5.0 => 8.5.0
@types/jwk-to-pem: ^2.0.0 => 2.0.0
@types/morgan: ^1.9.2 => 1.9.2
@types/multer: ^1.4.4 => 1.4.4
@types/node: ^14.14.7 => 14.14.7
@types/pg: ^7.14.6 => 7.14.6
@types/supertest: ^2.0.10 => 2.0.10
@types/uuid: ^8.3.0 => 8.3.0
@typescript-eslint/eslint-plugin: ^3.10.1 => 3.10.1
@typescript-eslint/parser: ^3.10.1 => 3.10.1
aws-amplify: ^3.3.8-unstable.3 => 3.3.8-unstable.3
aws-sdk: ^2.789.0 => 2.789.0
axios: ^0.20.0 => 0.20.0
cors: ^2.8.5 => 2.8.5
dotenv: ^8.2.0 => 8.2.0
eslint: ^7.13.0 => 7.13.0
eslint-config-prettier: ^6.15.0 => 6.15.0
eslint-plugin-prettier: ^3.1.4 => 3.1.4
express: ^4.17.1 => 4.17.1
express-useragent: ^1.0.15 => 1.0.15
fuzzy-matching: ^0.4.3 => 0.4.3
generate-password: ^1.5.1 => 1.5.1
ip: ^1.1.5 => 1.1.5
jest: ^26.6.3 => 26.6.3
joi: ^17.3.0 => 17.3.0
jsonwebtoken: ^8.5.1 => 8.5.1
jwk-to-pem: ^2.0.4 => 2.0.4
knex: ^0.21.12 => 0.21.12
morgan: ^1.10.0 => 1.10.0
multer: ^1.4.2 => 1.4.2
mysql: ^2.18.1 => 2.18.1
node-fetch: ^2.6.0 => 2.6.1
node-phpass-leo: ^1.0.0 => 1.0.0
pg: ^8.5.0 => 8.5.0
prettier: ^2.1.2 => 2.1.2
supertest: ^4.0.2 => 4.0.2
ts-jest: ^26.4.4 => 26.4.4
ts-node-dev: ^1.0.0 => 1.0.0
typescript: ^4.0.5 => 4.0.5
uuid: ^8.3.1 => 8.3.1
npmGlobalPackages:
@aws-amplify/cli: 4.29.4
knex: 0.21.5
n: 6.7.0
npm: 6.14.6
ts-node: 8.10.2
typescript: 3.9.7