AWS Cognito: how to allow users to change email without sending verification code?

问题

In my Android app, I want my users to be able to change their email addresses (that they use to connect to their accounts), without getting any verification code by email.

So far, I manage to change the email address, and thanks to a lambda, set email_verified to true automatically. But unfortunately, an email is still sent with a verification code...

Here is what I did in my Android app:

public void onClickChangeEmail(View view)
{
    CognitoUserAttributes attributes = new CognitoUserAttributes();
    attributes.getAttributes().put("email", "second@mail.com");
    CognitoSettings
            .getCognitoUserPool(MainActivity.this)
            .getCurrentUser()
            .updateAttributesInBackground(attributes, new UpdateAttributesHandler()
    {
        @Override
        public void onSuccess(List<CognitoUserCodeDeliveryDetails> attributesVerificationList)
        {
            Log.i("tag", "Email updated!");
        }

        @Override
        public void onFailure(Exception e)
        {
            e.printStackTrace();
        }
    });
}

And in my AWS console, I added a trigger in Cognito on Custom message, and here is my lambda function, which is triggered everytime a user updates his email:

const AWS = require('aws-sdk')
AWS.config.update({region: 'eu-central-1'});

exports.handler = (event, context, callback) => {
    if (event.triggerSource === 'CustomMessage_UpdateUserAttribute')
    {
        const params = {
            UserAttributes: [
              {
                  Name: 'email_verified',
                  Value: 'true',
              },
            ],
            UserPoolId: event.userPoolId,
            Username: event.userName,
        };
        var cognitoIdServiceProvider = new AWS.CognitoIdentityServiceProvider();
        cognitoIdServiceProvider.adminUpdateUserAttributes(params, function(err, data) {
            if (err) context.done(err, event); // an error occurred
            else context.done(null, event); // successful response
        });
    }
    else
    {
        context.done(null, event);
    }
};

The only workaround I found is to throw an error instead of context.done(null, event);, but it doesn't look like a clean solution.

Is there a better and cleaner way to prevent Cognito from sending a verification email?

Thanks for your help.

来源：https://stackoverflow.com/questions/57039616/aws-cognito-how-to-allow-users-to-change-email-without-sending-verification-cod