Users are login using Cognito to our app and the email is used as username.
The PM asked for the option to change username but, seems like AWS doesn't give that option.
const res = await cognito.adminUpdateUserAttributes({UserPoolId:userPoolId, Username:body.uuid, UserAttributes:[{Name:'email', Value:body.newEmail}]}).promise();
return createResponse(200, 'ok');
Now it returns empty response without errors but I don't see the user email changed, I also tried to add email_verified:true but nothing happened. Anyone knows a workaround?
1.Only option for you to do here is either migrate to a new pool while migrating change the username.
2.If you want to change the login username continuously you can use username or preferred username as alias for the cognito. There is option while configuring and cannot be changed after pool is created.
Related
Is it possible to find a user by searching with a Username in AWS Lambda? The GetUserCommand does not seem to accept a Username as a parameter. The input shape does not include a Username parameter. Am I misunderstanding?
GetUserCommand documentation.
The command you are referring to only needs an access token. Since the access token belongs to your user it will return information about her/him. You don't really need to provide a username. Would be kind of redundant.
If you want to get information about a user as an admin (so not as a user that is currently signed in), then you need another method: AdminGetUserCommand. There you can specify which username you want using AdminGetUserCommandInput.
I am learning to code and am attempting to build a to do web application in node using Express (I think that's the right wording).
I have a table('users') in postgresql which stores user_id,email and password.
When a user logs in to the website I want to loop through the table and ensure the email exists and it matches the password and then the user can log in and when they're logged in - their unique user_id is assigned and brings up their previous to do lists.. I would like to incorporate knex also if possible.
I am at a loss how to do this and would appreciate any tips/pointing in the right direction.
Thanks
Try something basic first
SELECT
user_id
FROM users
WHERE
email = _your_user_email
AND password = _your_user_password;
If the result you get back contains user_id or whatever you want returned, then the user exists. You can expand on this further by checking for email, and let the user know that the email exists but the password is incorrect, etc. Try the simple method first and see if this meet your need.
First of all, I would recommend you to name your id field for your users table as id.
It is best practice to name id fields as id and reference columns as <tablename>_id
(eg. table clothes.id unique identifier for iter and clothes.user_id – foreign key to table users).
Secondly, it is highly NOT recommended to store your passwords as raw data inside of the database (security reasons).
It is a common practice to keep user passwords as hashed data.
For example, take a look at bcrypt package.
To select users (there is no such thing as "loop" in terms of database, it is called "query") you need to
create a query like
select
id,
email,
<any_other_field_you_need>
from
users
where
email = 'your#email.com'
and password = 'your password hash'
In terms of knex it can be written
knex('users')
.select(['id', 'email', '<any_other_field_you_need>'])
.where('email', 'your#email.com')
.where('password', 'your password hash')
Your query params (email, password) you can get from express body.
Make sure you are using POST HTTP method to send your request and pass your data as a body.
In case you don't know express – it's an npm package.
It helps in the creation of web-services. They have a hello world guide on their
official website. Feel free to check it out. Or just simply google "express tutorial for beginner" there are a lot of great tutorials over the internet about it. It's quite popular.
I am using Amazon Cognito Identity SDK for JavaScript (deprecated).
I created new pool without verifying email and phone_number.
By default, users aren't confirmed in Cognito User Pools, so I need to do this manually.
How to confirm user in Cognito User Pools without verifying email or phone?
I hope this will help someone else.
To do this you can add this Lambda function:
exports.handler = (event, context, callback) => {
event.response.autoConfirmUser = true;
event.response.autoVerifyEmail = true; // this is NOT needed if e-mail is not in attributeList
event.response.autoVerifyPhone = true; // this is NOT needed if phone # is not in attributeList
context.done(null, event);
};
Then navigate to AWS Cognito's General settings >> Triggers and add this Lambda function to 'Pre sign-up' - click the drop down list and select Lambda function with above code.
If you only use 'preferred_username' (if no e-mail or phone # is used) setting event.response.autoConfirmUser to true is sufficient.
Actually, AWS has recently added the ability to verify email and verify phone number in the pre-signup lambda as well. You basically need to set autoVerifyEmail and autoVerifyPhone in the lambda and they will get verified.
More info in the official documentation.
"response": {
"autoConfirmUser": boolean
"autoVerifyEmail": boolean
"autoVerifyPhone": boolean
}
I think the accepted answer is problematic. OP's question is how to confirm a user without verifying their email. But the solution will verify the user's email.
If you want to confirm a user with an unverified email (or phone), you can use AdminConfirmSignUpCommand. It is the intended way to confirm a user without having them do it, as per official docs:
Unlike ConfirmSignUpCommand, AdminConfirmSignUpCommand doesn't need a code. You can implement this command after signup in your API or as a Custom Message Trigger (effectively confirming the user when the email is sent).
Now, the user can log in, but the email must be confirmed still.
When I try sign up an user in AWS Cognito this error is returned in response.:
But, in my config the email field is an alias.:
How can I fix this?
By that error message, it looks like it's failing because you have email as an alias but have also set given it as your username. I think to get around this, you could either use some temporary, throw away username at first or un-check it as an alias and just use it as both username and an attribute. The former gives you more flexibility to updating it, but that's ultimately up to your application's needs.
I am using the user-accounts package to manage the Account System in my app.
I have also integrated Google, Github, Twitter and other 3rd party Services.
The package works fine, but now that I need a specific page for every user, and for SEO terms, I need the url to be like this:
https://domain.com/user/username
I also have the accounts-password package. And I have added a username field, and it works fine.
But if thirdparty services are used, the popup closes and the page is redirected with the user successfully created. I read about calling Accounts.onUserCreate,
and this is my code:
Accounts.onCreateUser(function(options, user) {
var email = options.profile.email;
var ist = email.indexOf("#");
var uname = email.slice(0,ist);
user.username = uname;
if(options.profile){
user.profile = options.profile;
}
return user;
});
But it gives an error : Cannot read indexOf of undefined.
How can this be achieved?
There either can be a page, to enter the username, for every new user, or this way, the email should be sliced for username creation. (Second method is preferred.)
The error message is telling you your variable email has not been set.
When using third-party login services with Meteor, the user information is not stored within the profile of the user document. Rather, you should look for the email within the services data of that user document. For example, for Facebook, you should find this within services.facebook.email.
You may also want to consider using the user argument to find this information as the documentation states: "The user argument is created on the server and contains a proposed user object with all the automatically generated fields".