如何允许我的用户在 Cognito 用户池上重置密码?
How to allow my user to reset their password on Cognito User Pools?
所以在我的应用程序中,我显然想为用户提供重置密码的方法。我遇到的问题是用户池的新文档在这个主题上非常模糊。这是他们告诉您为忘记密码流程做的事情,您可以在 link 找到它:
cognitoUser.forgotPassword({
onSuccess: function (result) {
console.log('call result: ' + result);
},
onFailure: function(err) {
alert(err);
},
inputVerificationCode() {
var verificationCode = prompt('Please input verification code ' ,'');
var newPassword = prompt('Enter new password ' ,'');
cognitoUser.confirmPassword(verificationCode, newPassword, this);
}
});
然而,当我将此代码放入我的项目中并在其中定义并登录了 cognitoUser 时,似乎没有任何反应。我知道我需要以某种方式将此代码与向用户发送验证码并要求他们输入新密码相集成,但找不到有关如何执行此操作的任何信息。想法?
谢谢
使用忘记密码流程重置密码有两个步骤:
- 通过向服务请求验证码来启动该过程。代码将发送到用户的 phone/email。
- 使用发送的验证码设置新密码。
使用这两个函数执行上述步骤并重置密码:
cognitoUser.forgotPassword():这将启动忘记密码流程。该服务生成验证码并将其发送给用户。通过callback.inputVerificationCode(data)返回的"data"表示验证码发送到哪里
cognitoUser.confirmPassword(): 使用此功能下发的验证码设置新密码
AWS 的文档在这个主题 (Cognito) 上很糟糕。您基本上需要设置 cognitoUser,然后调用 forgotPassword
export function resetPassword(username) {
// const poolData = { UserPoolId: xxxx, ClientId: xxxx };
// userPool is const userPool = new AWSCognito.CognitoUserPool(poolData);
// setup cognitoUser first
cognitoUser = new AWSCognito.CognitoUser({
Username: username,
Pool: userPool
});
// call forgotPassword on cognitoUser
cognitoUser.forgotPassword({
onSuccess: function(result) {
console.log('call result: ' + result);
},
onFailure: function(err) {
alert(err);
},
inputVerificationCode() { // this is optional, and likely won't be implemented as in AWS's example (i.e, prompt to get info)
var verificationCode = prompt('Please input verification code ', '');
var newPassword = prompt('Enter new password ', '');
cognitoUser.confirmPassword(verificationCode, newPassword, this);
}
});
}
// confirmPassword can be separately built out as follows...
export function confirmPassword(username, verificationCode, newPassword) {
cognitoUser = new AWSCognito.CognitoUser({
Username: username,
Pool: userPool
});
return new Promise((resolve, reject) => {
cognitoUser.confirmPassword(verificationCode, newPassword, {
onFailure(err) {
reject(err);
},
onSuccess() {
resolve();
},
});
});
}
我遇到了同样的问题。能够通过以下方式使用 confirmPassword() 来完成它。
//validation of input from form
req.checkBody('email', 'Username is required').notEmpty();
req.checkBody('password', 'Password is required').notEmpty();
req.checkBody('confirmationcode', 'Confirmation Code is required').notEmpty();
var confirmationCode = req.body.confirmationcode;
var password = req.body.password;
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username: req.body.email,
Pool: userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.confirmPassword(confirmationCode, password, {
onFailure(err) {
console.log(err);
},
onSuccess() {
console.log("Success");
},
});
如果你和我一样,找到了如何使用 amplify 处理这种情况
import { Auth } from 'aws-amplify';
// Send confirmation code to user's email
Auth.forgotPassword(username)
.then(data => console.log(data))
.catch(err => console.log(err));
// Collect confirmation code and new password, then
Auth.forgotPasswordSubmit(username, code, new_password)
.then(data => console.log(data))
.catch(err => console.log(err));
见https://docs.amplify.aws/lib/auth/manageusers/q/platform/js#forgot-password
所以即使我遇到了同样的问题,即使在 AWS cognito 文档中也不清楚,基本上这个过程涉及两个步骤。
- 调用 cognitoUser.forgotPassword() 这将启动忘记密码流程,用户将收到验证码。
- 然后调用 cognitoUser.confirmPassword() 这将重置密码验证代码发送到用户的电子邮件。
下面我给出了一个 cognitoUserClass(Typescript),它有实现这两个步骤的静态方法 forgotPassword() 和 confirmPassword() 方法。
import * as AmazonCognitoIdentity from 'amazon-cognito-identity-js'
class cognitoUserClass {
static cognitouser: AmazonCognitoIdentity.CognitoUser
static userPool = new AmazonCognitoIdentity.CognitoUserPool({
UserPoolId: 'your pool id',
ClientId: 'your client id',
})
static forgotPassword(userName: string): void {
const userData = {
Username: userName,
Pool: cognitoUserClass.userPool,
}
cognitoUserClass.cognitouser = new AmazonCognitoIdentity.CognitoUser(
userData
)
cognitoUserClass.cognitouser.forgotPassword({
onSuccess: (data) => {
console.log(data)
},
onFailure: (err) => {
console.log('ERR:', err)
},
})
}
static confirmPassword(
verificationCode: string,
newPassword: string
): void {
cognitoUserClass.cognitouser.confirmPassword(
verificationCode,
newPassword,
{
onFailure(err) {
console.log(err)
},
onSuccess(data) {
console.log(data)
},
}
)
}
}
export { cognitoUserClass }
获得验证码后,使用aws-amplify就这么简单
import { Auth } from "aws-amplify";
Auth.forgotPasswordSubmit(email, verificationCode, newPassword)
.then(() => {
//redirect to sign-in page
})
.catch(error => {
//error logic
})
所以在我的应用程序中,我显然想为用户提供重置密码的方法。我遇到的问题是用户池的新文档在这个主题上非常模糊。这是他们告诉您为忘记密码流程做的事情,您可以在 link 找到它:
cognitoUser.forgotPassword({
onSuccess: function (result) {
console.log('call result: ' + result);
},
onFailure: function(err) {
alert(err);
},
inputVerificationCode() {
var verificationCode = prompt('Please input verification code ' ,'');
var newPassword = prompt('Enter new password ' ,'');
cognitoUser.confirmPassword(verificationCode, newPassword, this);
}
});
然而,当我将此代码放入我的项目中并在其中定义并登录了 cognitoUser 时,似乎没有任何反应。我知道我需要以某种方式将此代码与向用户发送验证码并要求他们输入新密码相集成,但找不到有关如何执行此操作的任何信息。想法?
谢谢
使用忘记密码流程重置密码有两个步骤:
- 通过向服务请求验证码来启动该过程。代码将发送到用户的 phone/email。
- 使用发送的验证码设置新密码。
使用这两个函数执行上述步骤并重置密码:
cognitoUser.forgotPassword():这将启动忘记密码流程。该服务生成验证码并将其发送给用户。通过callback.inputVerificationCode(data)返回的"data"表示验证码发送到哪里cognitoUser.confirmPassword(): 使用此功能下发的验证码设置新密码
AWS 的文档在这个主题 (Cognito) 上很糟糕。您基本上需要设置 cognitoUser,然后调用 forgotPassword
export function resetPassword(username) {
// const poolData = { UserPoolId: xxxx, ClientId: xxxx };
// userPool is const userPool = new AWSCognito.CognitoUserPool(poolData);
// setup cognitoUser first
cognitoUser = new AWSCognito.CognitoUser({
Username: username,
Pool: userPool
});
// call forgotPassword on cognitoUser
cognitoUser.forgotPassword({
onSuccess: function(result) {
console.log('call result: ' + result);
},
onFailure: function(err) {
alert(err);
},
inputVerificationCode() { // this is optional, and likely won't be implemented as in AWS's example (i.e, prompt to get info)
var verificationCode = prompt('Please input verification code ', '');
var newPassword = prompt('Enter new password ', '');
cognitoUser.confirmPassword(verificationCode, newPassword, this);
}
});
}
// confirmPassword can be separately built out as follows...
export function confirmPassword(username, verificationCode, newPassword) {
cognitoUser = new AWSCognito.CognitoUser({
Username: username,
Pool: userPool
});
return new Promise((resolve, reject) => {
cognitoUser.confirmPassword(verificationCode, newPassword, {
onFailure(err) {
reject(err);
},
onSuccess() {
resolve();
},
});
});
}
我遇到了同样的问题。能够通过以下方式使用 confirmPassword() 来完成它。
//validation of input from form
req.checkBody('email', 'Username is required').notEmpty();
req.checkBody('password', 'Password is required').notEmpty();
req.checkBody('confirmationcode', 'Confirmation Code is required').notEmpty();
var confirmationCode = req.body.confirmationcode;
var password = req.body.password;
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username: req.body.email,
Pool: userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.confirmPassword(confirmationCode, password, {
onFailure(err) {
console.log(err);
},
onSuccess() {
console.log("Success");
},
});
如果你和我一样,找到了如何使用 amplify 处理这种情况
import { Auth } from 'aws-amplify';
// Send confirmation code to user's email
Auth.forgotPassword(username)
.then(data => console.log(data))
.catch(err => console.log(err));
// Collect confirmation code and new password, then
Auth.forgotPasswordSubmit(username, code, new_password)
.then(data => console.log(data))
.catch(err => console.log(err));
见https://docs.amplify.aws/lib/auth/manageusers/q/platform/js#forgot-password
所以即使我遇到了同样的问题,即使在 AWS cognito 文档中也不清楚,基本上这个过程涉及两个步骤。
- 调用 cognitoUser.forgotPassword() 这将启动忘记密码流程,用户将收到验证码。
- 然后调用 cognitoUser.confirmPassword() 这将重置密码验证代码发送到用户的电子邮件。
下面我给出了一个 cognitoUserClass(Typescript),它有实现这两个步骤的静态方法 forgotPassword() 和 confirmPassword() 方法。
import * as AmazonCognitoIdentity from 'amazon-cognito-identity-js'
class cognitoUserClass {
static cognitouser: AmazonCognitoIdentity.CognitoUser
static userPool = new AmazonCognitoIdentity.CognitoUserPool({
UserPoolId: 'your pool id',
ClientId: 'your client id',
})
static forgotPassword(userName: string): void {
const userData = {
Username: userName,
Pool: cognitoUserClass.userPool,
}
cognitoUserClass.cognitouser = new AmazonCognitoIdentity.CognitoUser(
userData
)
cognitoUserClass.cognitouser.forgotPassword({
onSuccess: (data) => {
console.log(data)
},
onFailure: (err) => {
console.log('ERR:', err)
},
})
}
static confirmPassword(
verificationCode: string,
newPassword: string
): void {
cognitoUserClass.cognitouser.confirmPassword(
verificationCode,
newPassword,
{
onFailure(err) {
console.log(err)
},
onSuccess(data) {
console.log(data)
},
}
)
}
}
export { cognitoUserClass }
获得验证码后,使用aws-amplify就这么简单
import { Auth } from "aws-amplify";
Auth.forgotPasswordSubmit(email, verificationCode, newPassword)
.then(() => {
//redirect to sign-in page
})
.catch(error => {
//error logic
})