AWS Cognito 管理员创建了用户临时密码验证和重置

Question

我正在尝试验证管理员通过密码重置挑战使用 AWS Cognito 生成了一个临时密码，但我找不到有关如何使用临时密码并为新密码设置新密码的方法或示例javascript 中的用户。

Answer 1

Amazon Cognito 开发人员指南提供了使用临时密码进行身份验证和处理 newPasswordRequired 条件的示例：

cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: [...],
    onFailure: [...],
    mfaRequired: [...],
    newPasswordRequired: function(userAttributes, requiredAttributes) {
        // User was signed up by an admin and must provide new 
        // password and required attributes, if any, to complete 
        // authentication.

        // userAttributes: object, which is the user's current profile. It will list all attributes that are associated with the user. 
        // Required attributes according to schema, which don’t have any values yet, will have blank values.
        // requiredAttributes: list of attributes that must be set by the user along with new password to complete the sign-in.


        // Get these details and call 
        // newPassword: password that user has given
        // attributesData: object with key as attribute name and value that the user has given.
        cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
    }
});

摘自此处的指南：https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-identity-user-pools-javascript-example-authenticating-admin-created-user.html

请注意，示例中completeNewPasswordChallenge 的第三个参数是this，即具有处理函数的对象。这是因为completeNewPasswordChallenge 需要onSuccess 和onFailure 处理程序，并且您通常可以使用与authenticateUser 结果相同的处理程序。

Answer 2

我确实浏览了您提到的文件。我不明白什么应该是'attributesData'。以下是我到目前为止所做的。

var authenticationData = {
       Username : email,
       Password : temppassword,
   };
   var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
   cognitoUser.authenticateUser(authenticationDetails, {
       onSuccess: function (result) {
           console.log('access token + ' + result.getAccessToken().getJwtToken());
           console.log('idToken + ' + result.idToken.jwtToken);// User authentication was successful
       },

       onFailure: function(err) {
           alert(err);// User authentication was not successful
       },

       newPasswordRequired: function(userAttributes, requiredAttributes) {
           userAttributes: authenticationData; 
           requiredAttributes: email;
           var newPassword: password;
           // attributesData: object with key as attribute name and value that the user has given.
           cognitoUser.completeNewPasswordChallenge(newPassword, attributesData, this)
       }
   });