使用 adminCreateUser 命令创建 Cognito 用户后如何确认

问题描述 投票:0回答:1

创建 Cognito 用户后

let AWS = require("aws-sdk");
AWS.config.update({
  region: "us-east-1"
});

const cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider({
  apiVersion: "2016-04-19",
  region: "us-east-1"
});

let USER_POOL_ID = "my-cognito-user-pool-id"

var poolData = {
  UserPoolId: USER_POOL_ID,
  Username: "[email protected]",
  DesiredDeliveryMediums: ["EMAIL"],
  TemporaryPassword: "Test123456",
  UserAttributes: [
    {
    Name: "email",
    Value: "[email protected]"
    },
    {
    Name: "email_verified",
    Value: "true"
    }
  ]
};

cognitoidentityserviceprovider.adminCreateUser(poolData, (error, data) => {
  console.log(error);
  console.log(data);
});

命令的输出如下

{
  User: {
    Username: 'e9c137e4-6482-4bf5-9fb9-03f764dd0b4b',
    Attributes: [ [Object], [Object], [Object] ],
    UserCreateDate: 2021-04-27T14:17:43.856Z,
    UserLastModifiedDate: 2021-04-27T14:17:43.856Z,
    Enabled: true,
    UserStatus: 'FORCE_CHANGE_PASSWORD'
  }
}

从此输出中,我获取 

Username
值,然后使用它通过 
adminConfirmSignUp
命令确认用户:

var params = {
  UserPoolId: USER_POOL_ID, 
  Username: 'e9c137e4-6482-4bf5-9fb9-03f764dd0b4b', 
  ClientMetadata: {
    'STRING_KEY_1': 'STRING_VALUE_1',
    'STRING_KEY_2': 'STRING_VALUE_2'
  }
};
cognitoidentityserviceprovider.adminConfirmSignUp(params, function(err, data) {
  if (err) console.log(err, err.stack); 
  else     console.log(data);           
});

但我收到错误:

NotAuthorizedException: User cannot be confirmed. Current status is FORCE_CHANGE_PASSWORD

后来我发现,我可以使用

adminSetUserPassword
命令来更改用户密码。它碰巧也确认了用户并且工作正常,除了它不会触发我需要触发的确认后 lambda 

var params = {
  Password: 'New-password', 
  UserPoolId: USER_POOL_ID, 
  Username: 'e9c137e4-6482-4bf5-9fb9-03f764dd0b4b', 
  Permanent: true
};
cognitoidentityserviceprovider.adminSetUserPassword(params, function(err, data) {
  if (err) console.log(err, err.stack); 
  else     console.log(data);           
});

如何确认使用 

adminCreateUser
命令创建的用户。我不想用 
adminSetUserPassword
来确认。我宁愿使用 
adminConfirmSignUp
命令来确认用户并触发确认后 lambda。请指教。

javascript node.js typescript amazon-web-services amazon-cognito
1个回答
2
投票

这是 Cognito 的一个已知问题。以下解决方法可能适合您的用例,具体取决于您期望的行为。

在身份验证后处理程序中执行检查,并在其中以及确认后处理程序中执行后确认逻辑。

def handler(event, _):
    ''' handle post auth event '''
    status = event['request']['userAttributes']['cognito:user_status']
 
    # If the status hasn't been confirmed yet, we can assume it now is
    if status == 'FORCE_CHANGE_PASSWORD':
       # Do Something
 
    return event


AdminConfirmSignUp
仍然不会调用确认后处理程序,所以不要浪费时间让它工作。如果您想在用户配置步骤中执行某些逻辑,只需自己调用处理程序,不要指望 cognito 有意义。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.