[英]AWS Cognito - Possible to resend Signup Email with temporary password?
After searching the official AWS CLI cognito-idp documentation, it seems there is no way to 'reset' a user back into a FORCE_CHANGE_PASSWORD
state once that user has been confirmed at some point.在搜索官方 AWS CLI cognito-idp 文档后,似乎无法在某个时间点确认用户后将其“重置”回FORCE_CHANGE_PASSWORD
state。
It seems the only way to achieve this is to copy the user's data, delete the user's account, and then re-create a new account for the user with the copied data, for example:似乎实现这一点的唯一方法是复制用户的数据,删除用户的帐户,然后用复制的数据为用户重新创建一个新帐户,例如:
client = boto3.client("cognito-idp", AWS_REGION)
try:
user = client.admin_get_user(user_pool_id, user_id) # get user
user_data = get_from(user) # copy user data
client.admin_delete_user(user_pool_id, user_id) # delete user
response = client.admin_create_user(**user_data) # create new user?
except Exception as e:
handle(e)
This would place the user in FORCE_CHANGE_PASSWORD
state, and re-trigger the signup email/message which is the desired outcome, however, this seems prone to all sorts of problems...这会将用户置于FORCE_CHANGE_PASSWORD
state 中,并重新触发注册电子邮件/消息,这是期望的结果,但是,这似乎容易出现各种问题......
Note: I've already tried calling admin_create_user
again with the message action set to 'resend', however, if the user has been in a CONFIRMED
state at any point, the call will result in the following error message:注意:我已经尝试再次调用admin_create_user
并将消息操作设置为“重新发送”,但是,如果用户在任何时候都处于 CONFIRMED CONFIRMED
中,则调用将导致以下错误消息:
(UnsupportedUserStateException) when calling the AdminCreateUser operation: Resend not possible. (UnsupportedUserStateException) 调用 AdminCreateUser 操作时:无法重新发送。 XXXXXXXXXXXXXXX status is not FORCE_CHANGE_PASSWORD XXXXXXXXXXXXXXX 状态不是 FORCE_CHANGE_PASSWORD
The other option is to do a separate call to get the user's current status, and if they're in a confirmed state, call admin-reset-user-password
instead, which would at least mitigate the data integrity issues raised by deleting the account...另一种选择是单独调用以获取用户的当前状态,如果他们在已确认的 state 中,则调用admin-reset-user-password
,这至少可以减轻因删除帐户而引发的数据完整性问题...
surely there is a more elegant solution?肯定有更优雅的解决方案吗?
For anyone having a similar issue, it turns out to be related to having email verified
as a requirement for the User Pool.对于遇到类似问题的任何人,事实证明它与将email verified
为用户池的要求有关。 I suspect if you don't require your user email addresses to be verified, you won't run into this issue.我怀疑如果你不需要验证你的用户 email 地址,你就不会遇到这个问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.