AWS Cognito管理员创建用户临时密码验证和重置

Question

AWS Cognito管理员创建用户临时密码验证和重置

javascriptamazon-web-servicesaws-lambdaaws-sdkamazon-cognito

6

我正在尝试验证管理员使用AWS Cognito通过密码重置挑战创建了一个用户，并且生成了一个临时密码。我找不到如何在JavaScript中使用临时密码并为新用户设置新密码的方法或示例。

- Harsh

2个回答

0

我已经阅读了您提到的文档。我不明白 'attributesData' 应该是什么。以下是我目前所做的。

var authenticationData = {
       Username : email,
       Password : temppassword,
   };
   var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
   cognitoUser.authenticateUser(authenticationDetails, {
       onSuccess: function (result) {
           console.log('access token + ' + result.getAccessToken().getJwtToken());
           console.log('idToken + ' + result.idToken.jwtToken);// User authentication was successful
       },

       onFailure: function(err) {
           alert(err);// User authentication was not successful
       },

       newPasswordRequired: function(userAttributes, requiredAttributes) {
           userAttributes: authenticationData; 
           requiredAttributes: email;
           var newPassword: password;
           // attributesData: object with key as attribute name and value that the user has given.
           cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
       }
   });

- Harsh

2

attributesData 应该是一个对象，包含 Cognito 缺少的用户属性。必需的属性应列在 requiredAttributes 参数中。这取决于您如何创建原始用户。例如，如果您创建用户时没有设置 name，但 name 是必填字段，则需要将 attributesData 设置为类似 { name: 'User Name' } 的内容。 - Joe Lafiosca

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- Joe Lafiosca · Accepted Answer

亚马逊Cognito开发者指南提供了一个例子，展示如何使用临时密码进行身份验证并处理“newPasswordRequired”条件。

cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: [...],
    onFailure: [...],
    mfaRequired: [...],
    newPasswordRequired: function(userAttributes, requiredAttributes) {
        // User was signed up by an admin and must provide new 
        // password and required attributes, if any, to complete 
        // authentication.

        // userAttributes: object, which is the user's current profile. It will list all attributes that are associated with the user. 
        // Required attributes according to schema, which don’t have any values yet, will have blank values.
        // requiredAttributes: list of attributes that must be set by the user along with new password to complete the sign-in.


        // Get these details and call 
        // newPassword: password that user has given
        // attributesData: object with key as attribute name and value that the user has given.
        cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
    }
});

从这里的指南中摘录：https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-identity-user-pools-javascript-example-authenticating-admin-created-user.html 请注意，示例中completeNewPasswordChallenge的第三个参数是this，即具有处理程序函数的对象。这是因为completeNewPasswordChallenge需要onSuccess和onFailure处理程序，并且您通常可以使用与authenticateUser结果相同的处理程序。