发表新帖
发表新帖

AWS Cognito User Pool without a password

前端 未结
关注
3 1367
南方客
南方客 2020-12-13 13:55

I want to use a phone number as the username for my app and i want to be able to make it simple to sign up by just having to verify the phone number each time they want to l

3条回答
  • [愿得一人]
    [愿得一人] (楼主)
    2020-12-13 14:38

    Since AWS Cognito is not currently supporting passwordless authentication you need to implement a workaround with random password stored externally. You can implement the authentication flow as follows.

    • After user Signup (Also ask for mobile number and make it mandatory), store the Mobile number, Username and Password also in Dynamodb encrypted with AWS KMS (For additional security).
    • You can use MFA with mobile number for authentication challenge so that after the user enters mobile number and press login(In frontend), in the backend you can automatically do username password matching(Passthrough) and trigger the MFA to send a code for user's mobile and verify that using the AWS Cognito SDK (Without implementing custom mobile message and challenge).
    • If you plan to implement the flow manually(Without MFA) to send the SMS & validation, you can use AWS SNS for the purpose.

    Check the following code sample to understand the insight of MFA and refer this link for more details.

        var userData = { 
        Username : 'username',
        Pool : userPool
    };

    cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

    var authenticationData = {
        Username : 'username',
        Password : 'password',
    };

    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);

    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {
            alert('authentication successful!')
        },

        onFailure: function(err) {
            alert(err);
        },

        mfaRequired: function(codeDeliveryDetails) {
            var verificationCode = prompt('Please input verification code' ,'');
            cognitoUser.sendMFACode(verificationCode, this);
        }

    });

    Note: Here the MFA with mobile number is not used for the purpose of MFA but as a workaround to meet your requirement.

    0 讨论(0)
 看不清?
提交回复
热议问题