科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - AWS Coginto API , Forgot Password Action not raising InvalidParameterException even if neither a verified phone num

    javascript - AWS Coginto API , Forgot Password Action not raising InvalidParameterException even if neither a verified phone num

    programmeradmin0浏览0评论

    As per docs says .html If the user has not yet verified his email or phone number then 

    Auth.forgotPassword(username)

    should return some error message. as written in documentation

    If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown.

    but it's not raising an exception, instead, I receive a success response. 

    "CodeDeliveryDetails":{"AttributeName":"email","DeliveryMedium":"EMAIL","Destination":"m***@g***"}}

    I dont receive the email though.

    what can be the reason ?

    As per docs says https://docs.aws.amazon./cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html If the user has not yet verified his email or phone number then 

    Auth.forgotPassword(username)

    should return some error message. as written in documentation

    If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown.

    but it's not raising an exception, instead, I receive a success response. 

    "CodeDeliveryDetails":{"AttributeName":"email","DeliveryMedium":"EMAIL","Destination":"m***@g***."}}

    I dont receive the email though.

    what can be the reason ?

    • javascript
    • reactjs
    • amazon-web-services
    • amazon-cognito
    • aws-amplify
    Share Improve this question asked Apr 23, 2020 at 14:27 umerumer 1,3161 gold badge18 silver badges36 bronze badges 1
    • I've encountered the same issue and unfortunately have not found an answer yet. – Michael Birsak Commented May 12, 2020 at 21:47
    Add a ment  | 

    3 Answers 3

    Reset to default 8

    I was seeing the same issue. It turned out to the related to this:

    Use the PreventUserExistenceErrors setting of a user pool app client to enable or disable user existence related errors.

    mentioned here: https://docs.aws.amazon./cognito/latest/developerguide/cognito-user-pool-managing-errors.html:

    After changing that setting on the user pool to 'Legacy' from 'Enabled' I started seeing a 400 response:

    {
  "__type": "UserNotFoundException",
  "message": "Username/client id bination not found."
}

    @ryan-hines Oh my god, thank you! I've been struggling with this for days.

    We had a very similar issue:

    • User signs up via Google
    • User tries to reset password
    • We wanted to disallow this and tell them to use their social login (you'd think Cognito would handle this part, but no)
      • In order to solve this, we wrote a custom Migration lambda to handle "UserMigration_ForgotPassword"
      • Even though we were throwing an Error in the lambda, it was still showing a success message in the UI, but was not sending the email

    In the newer Cognito UI, we had to go into:

    • App Integration
    • Click on app client
    • Click "Edit" in App client information section
    • At the bottom under "Advanced security configurations" uncheck "Prevent user existence errors"

    Now the UI properly shows a failure when our lambda throws an error.

    You need to make sure the email attribute for user is verified

    继续浏览有关 的文章

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论