An Interest In:
Web News this Week
- April 29, 2024
- April 28, 2024
- April 27, 2024
- April 26, 2024
- April 25, 2024
- April 24, 2024
- April 23, 2024
Cognito custom flow sign-in sends a confirm code via email
Prepare:
Cognito create user pool
Create 3 lambda function: 2faDefine.js, 2faCreate.js, 2faVerify.js
Cognito user pool
Note: User pool ID & App client ID
The newly created user has confirmation status is Force change password
, now you need to run the script below to update confirmation status
from Force change password
to Confirmed
.
aws cognito-idp admin-set-user-password --user-pool-id {user pool ID} --username {username} --password {password} --permanent
Add custom attributes authChallenge
, so after saving it will automatically add the prefix custom:
, ouput custom:authChallenge
.
This custom attribute contains a confirmation code and expiration time information when the end user submits a login.
You find App client list
, so click Client your app
.
This custom attribute
custom:authChallenge
must have read and write permissions.Option
Authentication flow session duration
has a value equal to the expiration time of the confirm-code.Option
Authentication flows
has a valueALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH
.
Add Lambda trigger with trigger type
Custom authentication
Custom authentication
Choose
Define auth challenge
mapping to lambda function2faDefine
.
ChooseCreate auth challenge
mapping to lambda function2faCreate
.
ChooseVerify auth challenge response
mapping to lambda function2faVerify
.
Lambda deploy with code
1./ Function 2faDefine
2./ Function 2faCreate
Tab Configuration > General configuration
Change value of the option timeout up 5 minute because
nodemailer
send email not working.
Tab Configuration > Environment variables
CUSTOM_ATTRIBUTES = custom:authChallenge
EMAIL_FROM_ADDRESS = [email protected]
USER_POOL_ID = xxxxxxxxx
3./ Function 2faVerify
Tab Configuration > Environment variables
CONFIRM_CODE_TIMEOUT = 15
CUSTOM_ATTRIBUTES = custom:authChallenge
Frontend Angular
Libary
[amazon-cognito-identity-js](https://www.npmjs.com/package/amazon-cognito-identity-js)
,[angular-code-input](https://www.npmjs.com/package/angular-code-input)
Git:
Form login: when the end user clicks submit, it will call the function
onSubmitLogin
.
Form confirm code: when the end user enters the confirm-code, it will call the functiononCodeCompleted
.
Note:
If you want to refactor code, make sure the code example works first.
Please comment any issues you encounter and I will try to answer you.
Original Link: https://dev.to/trantn/cognito-custom-flow-sign-in-sends-a-confirm-code-via-email-1j12
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To