Question
I started exploring AWS Cognito for my dummy iOS application. I am getting a confirmation link in email during new user signup, and clicking on it verifies the email correctly.
Do we have the same functionality for forgot password, i.e. getting a link instead of codes and redirecting to my dummy website, where the only thing the user needs to do is enter a new password?
Thanks in advance.
Answer 1:
It's possible; I have achieved this in my project.
It's done via triggers in AWS Cognito.
In the Custom message trigger, set the Lambda function you want to trigger.
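const AWS = require('aws-sdk');

exports.handler = (event, context, callback) => {
  // URL-encode the username so characters such as "+" or "&" survive the query string.
  // event.request.codeParameter is a placeholder that Cognito replaces with the real
  // code when it sends the message, so it must be inserted unchanged.
  const userName = encodeURIComponent(event.userName);

  var CustomMessage_ForgotPassword = `<style>
    p {
      display: block;
      margin-block-start: 1em;
      margin-block-end: 1em;
      margin-inline-start: 0px;
      margin-inline-end: 0px;
    }
  </style>
  <div id=":x9" class="a3s aXjCH " role="gridcell" tabindex="-1"><p>Hello,</p>
  <p>Follow this link to reset your Password. </p>
  <p><a href="https://your-website.com/reset-password?confirmation_code=${event.request.codeParameter}&user_name=${userName}"> Reset Password </a></p>
  <p>If you didn’t ask to change password, you can ignore this email.</p>
  <p>Thanks,</p>
  <p>Your website team</p>
  </div>`;

  // Only override the message for the forgot-password flow.
  if (event.triggerSource === "CustomMessage_ForgotPassword") {
    event.response.emailMessage = CustomMessage_ForgotPassword;
  }

  // Return the (possibly modified) event to Amazon Cognito.
  callback(null, event);
};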
Then on your website make one route which will handle this code.
Answer 2:
Yes. You can make a call to the ForgotPassword endpoint:
{
   "AnalyticsMetadata": {
      "AnalyticsEndpointId": "string"
   },
   "ClientId": "string",
   "SecretHash": "string",
   "Username": "string"
}
You then need to make a call (from your website code) to the ConfirmForgotPassword endpoint to reset the password:
{
   "AnalyticsMetadata": {
      "AnalyticsEndpointId": "string"
   },
   "ClientId": "string",
   "ConfirmationCode": "string",
   "Password": "string",
   "SecretHash": "string",
   "Username": "string"
}
Answer 3:
I forgot about this question, which I asked a few months back, and thought of updating it with the answer. So, according to the AWS documentation:
"Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. If a verified phone number exists for the user, the confirmation code is sent to the phone number. Otherwise, if a verified email exists, the confirmation code is sent to the email. If neither a verified phone number nor a verified email exists, InvalidParameterException is thrown."
Here is the link to AWS doc.
So there might be some workaround to achieve it, but sending a self verification link for forgot password is not supported by AWS Cognito for now.
Answer 4:
I know that this question has been answered and accepted, and while it is true that Cognito does not do this out of the box, I wanted to find a way to get this to work seamlessly.
Here's what I came up with:
- Create a page on your website with an email input box. When the user submits, use the user pool and email to create a CognitoUser instance and call the forgotPassword function on the user.
- Create an email interceptor Lambda as described in the answer by Mayur Shingare.
- Hook this Lambda up to the Custom Message trigger. The user should now receive a mail with your custom email, containing the verification code and his email in the query parameters, and not the standard verification code email.
- When the user clicks the link a browser window should open to your site. You then pull these query parameters from the URL. On this page have two boxes so that the user can type and confirm his password.
- On submission of the new password, use the user pool, email and verification code (from the query parameters) to get the CognitoUser instance and call the confirmPassword function.
- On success either log the user in programmatically using the new password or redirect the user to log in manually.
Any thoughts on this? I have used the same kind of mechanism to get user registration to work in a seamless fashion, although that required a bit more work.
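Added example, not part of any answer above and not AWS's own code: the server-side step behind Answer 2's ConfirmForgotPassword body and Answer 4's reset page, which parses the emailed link, validates its parameters and computes SecretHash. The client ID, client secret, 6-digit code format and 128-character username limit are assumptions; SecretHash applies only to app clients created with a secret, and that secret must stay on the server.

```javascript
const crypto = require('crypto');

// Constructed placeholder values, not real credentials.
const CLIENT_ID = 'exampleclientid123';
const CLIENT_SECRET = 'example-client-secret';

// SecretHash = Base64(HMAC-SHA256(key = client secret, message = username + client id)).
function secretHash(username, clientId, clientSecret) {
  return crypto.createHmac('sha256', clientSecret)
    .update(username + clientId)
    .digest('base64');
}

// Pull the code and username out of the emailed link and reject anything
// implausible before it reaches the API call.
function parseResetLink(link) {
  const params = new URL(link).searchParams; // percent-decoding happens here
  const code = params.get('confirmation_code') || '';
  const username = params.get('user_name') || '';
  if (!/^\d{6}$/.test(code)) {               // assumption: 6-digit numeric codes
    throw new Error('bad confirmation code');
  }
  if (username.length === 0 || username.length > 128) { // assumption: 128-char limit
    throw new Error('bad username');
  }
  return { code, username };
}

// Build the ConfirmForgotPassword request body shown in Answer 2.
function buildConfirmRequest(link, newPassword, confirmPassword) {
  if (newPassword !== confirmPassword) {
    throw new Error('passwords do not match');
  }
  const { code, username } = parseResetLink(link);
  return {
    ClientId: CLIENT_ID,
    ConfirmationCode: code,
    Password: newPassword,
    SecretHash: secretHash(username, CLIENT_ID, CLIENT_SECRET),
    Username: username,
  };
}
```

The confirmation code sits in the URL, so keep the reset page free of third-party resources and avoid writing the full query string to access logs.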
Answer 5:
You have to create a Lambda function and attach it under General Settings -> Triggers -> Custom Message in your User Pool (AWS).
Here is the example.
exports.handler = (event, context, callback) => {
  // https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-message.html
  // dev
  if (event.userPoolId === "YOUR USER POOL ID") {
    // Identify why this function was invoked
    if (event.triggerSource === "CustomMessage_ForgotPassword") {
      event.response.smsMessage = "Your confirmation code is: " + event.request.codeParameter;
      event.response.emailSubject = "Confirmation Code";
      event.response.emailMessage = "Your confirmation code: " + event.request.codeParameter + "<br/><br/>Please visit this url and provide the requested information: ~your url~";
    }
  }
  // Return to Amazon Cognito
  callback(null, event);
};
Source: https://stackoverflow.com/questions/47028382/forgot-password-link-from-aws-cognito