Amazon Cognito
开发人员指南
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 Amazon AWS 入门

示例:为使用 AdminCreateUser API 在 SDK for JavaScript 中创建的用户进行身份验证并设置新密码

为了针对由管理员创建 (使用 AdminCreateUser API) 的用户提供用户登录流程支持,请实施 newPasswordRequired 回调方法以在用户首次登录时设置新密码。用户首次尝试使用邀请消息中收到的临时密码进行登录时,开发工具包会调用您的 newPasswordRequired 回调。收集必需的输入,包括新密码和必需属性,然后调用 CognitoUser 类中提供的 completeNewPasswordChallenge 方法。

newPasswordRequired 回调采用两个参数:userAttributesrequiredAttributes

cognitoUser.authenticateUser(authenticationDetails, { onSuccess: function (result) { // User authentication was successful }, onFailure: function(err) { // User authentication was not successful }, mfaRequired: function(codeDeliveryDetails) { // MFA is required to complete user authentication. // Get the code from user and call cognitoUser.sendMFACode(mfaCode, this) }, newPasswordRequired: function(userAttributes, requiredAttributes) { // User was signed up by an admin and must provide new // password and required attributes, if any, to complete // authentication. // userAttributes: object, which is the user's current profile. It will list all attributes that are associated with the user. // Required attributes according to schema, which don’t have any values yet, will have blank values. // requiredAttributes: list of attributes that must be set by the user along with new password to complete the sign-in. // Get these details and call // newPassword: password that user has given // attributesData: object with key as attribute name and value that the user has given. cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this) } });