尽管设置了 auto_verified_attributes = ["email"],Cognito 注册用户仍未通过验证?


我通过以下 `.tf` 文件设置了 LocalStack 的 Cognito 用户池:

# AWS provider pointed at a local LocalStack instance instead of real AWS.
# The static "test" keys and the skip_* flags are only appropriate for that
# local emulator; do not reuse this block against a real AWS account.
provider "aws" {
  region                  = "us-east-1"  # Change to your desired region
  access_key              = "test"       # Access key for LocalStack
  secret_key              = "test"       # Secret key for LocalStack
  # Turn off the provider's startup checks (credential validation,
  # account-id lookup, metadata API probe).
  skip_credentials_validation = true
  skip_requesting_account_id = true
  skip_metadata_api_check     = true

  # Send IAM and Cognito user-pool API calls to localhost:4566 over plain HTTP.
  endpoints {
    iam           = "http://localhost:4566"
    cognitoidp   = "http://localhost:4566"
  }
}
# Cognito user pool in which the e-mail address is the username.
#
# Note on auto_verified_attributes below: it selects the attributes Cognito
# verifies automatically by sending a code at sign-up. It does not confirm the
# account; the list-users output on this page shows a fresh sign-up as
# UNCONFIRMED with email_verified = "false".
resource "aws_cognito_user_pool" "main_user_pool" {
  name = "main_user_pool"

  # Account recovery: a verified e-mail address is tried first, then a
  # verified phone number.
  account_recovery_setting {
    recovery_mechanism {
      name     = "verified_email"
      priority = 1
    }

    recovery_mechanism {
      name     = "verified_phone_number"
      priority = 2
    }
  }

  # Define the attributes for the user pool
  # Ensure that only standard attributes are marked as required
  schema {
    name                = "email"
    attribute_data_type = "String"
    mutable             = true
    required            = true
  }

  


  # NOTE(review): 6 is the shortest minimum length Cognito accepts. Acceptable
  # for a local test pool; raise it before reusing this policy anywhere real.
  password_policy {
    minimum_length    = 6
    require_lowercase = true
    require_numbers   = true
    require_symbols   = true
    require_uppercase = true
  }

  # Use Cognito's built-in e-mail sender rather than a custom SES identity.
  email_configuration {
    email_sending_account = "COGNITO_DEFAULT"
  }

  # The e-mail address is the username for sign-up and sign-in. (Signing in
  # with an e-mail in addition to a separate username would be
  # alias_attributes instead.)
  username_attributes = ["email"]
  # Attributes Cognito verifies automatically by sending a code; this alone
  # does not move the user out of UNCONFIRMED.
  auto_verified_attributes = ["email"]

  # NOTE(review): with case-sensitive usernames, addresses that differ only in
  # letter case are treated as different users - confirm this is intended.
  username_configuration {
    case_sensitive = true
  }
}

# App client for the user pool above. It is created without a client secret,
# so the client id is the only value an app needs to call the pool's public
# APIs and must be treated as public information, not as a credential.
resource "aws_cognito_user_pool_client" "userpool_client" {
  name                          = "my-client"
  user_pool_id                  = aws_cognito_user_pool.main_user_pool.id
  generate_secret               = false  # No client secret for a public client like a mobile app
}


# Prints the generated app client id after apply (presumably the value the
# Swift app reads as CognitoConfig.clientId - confirm).
output "user_pool_client_id" {
  value = aws_cognito_user_pool_client.userpool_client.id
}

我的配置中有 `auto_verified_attributes = ["email"]` 这一行,所以我以为默认情况下任何注册用户都会立即得到验证。

我的 swift 应用程序使用以下代码注册用户:

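/// Registers a new user in the Cognito user pool, using the e-mail address as the username.
///
/// On failure the error is printed and its `localizedDescription` is stored in `errorMessage`;
/// on success `loginUser(email:password:)` is called straight away. Both happen on the main queue.
///
/// A successful sign-up only means the account was created. With the pool shown on this page the
/// new user is listed as `UNCONFIRMED` with `email_verified = false`, so the immediate login is
/// likely to be rejected until the account has been confirmed.
///
/// - Parameters:
///   - email: Address used both as the username and as the `email` attribute.
///   - password: Password for the new account; it is also handed on to `loginUser`.
func registerUser(email: String, password: String) {
    // No credentials provider is configured here; the request carries only the app client id.
    let serviceConfiguration = AWSServiceConfiguration(region: .USEast1,
                                                       credentialsProvider: nil)
    AWSServiceManager.default().defaultServiceConfiguration = serviceConfiguration

    // The SDK model initialisers return optionals. Stop here instead of force-unwrapping,
    // which would crash the app if either object could not be created.
    guard let signUpRequest = AWSCognitoIdentityProviderSignUpRequest(),
          let emailAttribute = AWSCognitoIdentityUserAttributeType() else {
        print("Registration Error: could not build the sign-up request")
        return
    }

    signUpRequest.clientId = CognitoConfig.clientId
    signUpRequest.username = email
    signUpRequest.password = password

    // The e-mail address is also sent as the standard `email` attribute.
    emailAttribute.name = "email"
    emailAttribute.value = email
    signUpRequest.userAttributes = [emailAttribute]

    // Client registered elsewhere under this key (presumably pointing at LocalStack - confirm).
    let cognitoProvider = AWSCognitoIdentityProvider(forKey: "LocalStackCognito")

    // Perform the sign-up; the result is handled on the main queue because it updates UI state.
    cognitoProvider.signUp(signUpRequest).continueWith { task -> AnyObject? in
        DispatchQueue.main.async {
            if let error = task.error {
                print("Registration Error: \(error)")
                // NOTE: for a too-short password the localized description is not very
                // readable for end users.
                errorMessage = error.localizedDescription
            } else {
                print("Registration Success")

                // NOTE(review): the account may still be UNCONFIRMED at this point; a
                // confirmation step (e.g. a confirmation-code UI) normally comes before login.
                loginUser(email: email, password: password)
            }
        }
        return nil
    }
}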

如果我通过 `awslocal cognito-idp describe-user-pool --user-pool-id "<userpoolid>"` 查看用户池的描述,可以在响应中看到 email 是自动验证的属性:

...
,
        "AutoVerifiedAttributes": [
            "email"
        ],
        "UsernameAttributes": [
            "email"
        ],
        "VerificationMessageTemplate": {
            "DefaultEmailOption": "CONFIRM_WITH_CODE"
        },
        "UserAttributeUpdateSettings": {
            "AttributesRequireVerificationBeforeUpdate": []
        },
...

但是,当我注册之后通过 `awslocal cognito-idp list-users --user-pool-id "<userpoolid>"` 列出用户时,得到的是:

{
    "Users": [
        {
            "Username": "141bd541-2d8a-4c55-8ebd-83296e1ff99b",
            "Attributes": [
                {
                    "Name": "cognito:username",
                    "Value": "[email protected]"
                },
                {
                    "Name": "email",
                    "Value": "[email protected]"
                },
                {
                    "Name": "sub",
                    "Value": "141bd541-2d8a-4c55-8ebd-83296e1ff99b"
                },
                {
                    "Name": "email_verified",
                    "Value": "false"
                }
            ],
            "UserCreateDate": 1710631590.379655,
            "UserLastModifiedDate": 1710631590.379655,
            "Enabled": true,
            "UserStatus": "UNCONFIRMED"
        }
    ]
}

`email_verified` 为 `false`,`UserStatus` 为 `UNCONFIRMED`。我不明白我做错了什么。Terraform 显示设置正确,我也可以通过用户池描述确认这一点。我遗漏了什么?

swift terraform amazon-cognito localstack
1个回答

唉。事实证明,我这个问题的整个前提就是错的。更仔细地阅读文档后,据我所知,IaC 无法把用户池定义成自动验证(确认)用户:`auto_verified_attributes` 只决定 Cognito 会自动向哪些属性发送验证码,用户仍然需要完成确认。因此,解决办法不在 Terraform 里,而是在注册后通过 `adminConfirmSignUp` 手动确认用户。

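/// Confirms a signed-up user through the admin `adminConfirmSignUp` call, without a verification code.
///
/// Development helper for the local test pool only. `adminConfirmSignUp` is an administrative
/// API: against real AWS it has to be signed with IAM credentials that are allowed to call it,
/// and such credentials must not be shipped inside a client app. The call confirms whatever
/// username it is given, whether or not the e-mail address was ever verified.
///
/// The outcome is only printed; the continuation runs its handling on the main queue.
///
/// - Parameter email: Username (the e-mail address) of the account to confirm.
func confirmUser(email: String) {
    // The SDK model initialiser returns an optional; stop here instead of force-unwrapping,
    // which would crash the app if the request object could not be created.
    guard let confirmSignUpRequest = AWSCognitoIdentityProviderAdminConfirmSignUpRequest() else {
        print("Confirmation Error: could not build the confirmation request")
        return
    }

    // Placeholder: replace with the id of the user pool the account was created in.
    confirmSignUpRequest.userPoolId = "<user_pool_id>"
    confirmSignUpRequest.username = email

    // Client registered elsewhere under this key (presumably pointing at LocalStack - confirm).
    let cognitoProvider = AWSCognitoIdentityProvider(forKey: "LocalStackCognito")
    cognitoProvider.adminConfirmSignUp(confirmSignUpRequest).continueWith { task -> AnyObject? in
        DispatchQueue.main.async {
            if let error = task.error {
                print("Confirmation Error: \(error)")
                // Handle confirmation error
            } else {
                print("User Confirmed")
                // User is confirmed, proceed with login or next steps
            }
        }
        return nil
    }
}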

当然,这不会用在生产代码中,仅供开发使用。`adminConfirmSignUp` 是需要 IAM 凭证的管理员接口,并且会跳过邮箱验证,因此不应出现在随应用分发的客户端代码里。
