I am creating a custom Login, registration form in angular. I want to login using username, not the email id , is there a way to do so?
Code reference would help!
Yes, this can be done .
The setting needs to be done while creating a userPool in aws Cognito .
In the attributes tab , One needs to check the checkboxes containing
the following.
Also allow sign in with verified email address
Also allow sign in with preferred username (a username that your
users can change).
This way , a user can sign in by both email address and the user name .
Related
My situation is customer will first enter their username in my web page , then my backend will check the username is using which service to do the authentication , then route him to ADB2C.
In UX perspective , customer already entered their username in last page , I shouldn’t ask them again in second page of ADB2C page , want to understand does ADB2C could let me passing the username to url or something , so that customer only require to enter password in second page .
One way to do this is to use login_hint.
"During a sign-in user journey, a relying party application may target a specific user or domain name. When targeting a user, an application can specify, in the authorization request, the login_hint query parameter with the user sign-in name. Azure AD B2C automatically populates the sign-in name, while the user only needs to provide the password."
I am new to third-party login , I use Facebook-login, and after some research, I know that
after front-end click on the login with facebook button and did the login ,
it can send info and redirect to backend API
and I supposed to use passport-facebook to do the authentication,
if it pass , then we check if the user exists or not , if not then create a user
if exists then we can return some info (maybe jwt to the User for rest of the action)
So my first question is that if my research is right or not ? or is there something I missed ?
and the second is that my userInfo database now has two basic database field, email and password, and those are required,
but with this third party login ,what's the right way to manage and set up the database , since I don't have any password to set and email may cause repeat since if user decided to sign up with my own member system and they already use same email with their facebook account ?
Basically, your research is right.
Actually, there are two tables involved in for implementation, one is User table as parent while the other is UserLogin table as child. So everything is obvious and association between local account and external account is set up.
You can refer to this blog for more details
https://code-maze.com/external-identity-provider-aspnet-core-identity/
Is there a way to make firebase authentication consider the following email addresses as equal for the purpose of signing up or logging in a (new) user?
imauser#gmail.com
imauser+test#gmail.com
im.a.user#gmail.com
im.a.user+test#gmail.com
Firebase Authentication intentionally does not normalize the +suffix our of the email address, as this is used in certain regions to allow multiple users to share a single account.
This behavior is not configurable, so if you want to map these accounts, you will have to filter it in your application code before calling the Firebase API to sign the user up or in.
I'm using ASW Cognito for authenticating users. Cognito has a well-documented flow to handle users who have forgotten their passwords.
How do I handle users who have forgotten their usernames? Is there a built-in flow that lets the user enter their email or phone number, and then receive an email or text with their associated username? I found the ListUser API, which returns all the users in a userpool. I could write a Lambda function that filters through all my users, looking for a match on email or phone number. But this seems like overkill.
Unfortunately, there is no default out of the box workflow of "Forgot Username".
I am implementing similar workflow. We ask user for their registered phone number/email, and we retrieve username based on that number and send it to email/phone according to configuration. If user is configured to use email and phone both, we send SMS to phone if user forget username (which is email id they used during sign up).
One major drawback of this approach is that, we need to provide ListUsers API call access to anonymous user which is a potential security issue but can't seem to find any other way by which we inform user about their login details.
For those, who are looking for the solution, don't give the anonymous user access to ListUser API as suggested in the accepted answer.
There are two ways to implement 'Forgot username flow'.
Enable email as an alias for your Cognito User Pool:
Calling this API causes a message to be sent to the end user with a
confirmation code that is required to change the user's password. For
the Username parameter, you can use the username or user alias. The
method used to send the confirmation code is sent according to the
specified AccountRecoverySetting.
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html
The user will be able to reset the password with their email and code delivered to provided email address. If you still want to remind the username, you can use Lambda trigger to generate the password reset email with both username and verification code.
Use the backend (web server or lambda) which will receive the email address as an input to the 'Forgot username flow'. The backend will have permissions to invoke List Users API (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html) and will perform user lookup using the email. You now can go into Forgot Password flow using the retrieved username. Lambda trigger will be used to generate password reset email with username and verification code.
You can protect this API from abuse using WAF and/or captcha.
I am using default Eloquent authentication driver in my Laravel 5 application. I want to allow user to login with username or mobile number as well for those who have entered these two. Is there any way to include it without creating manual authentication?
I found this discussion on laracasts:
https://laracasts.com/discuss/channels/general-discussion/log-in-with-username-or-email-in-laravel-5
It allows the user to enter his username or his email. Laravel checks the field if it is an email or an username (by validating it) and depending on what it is it calls the $auth->attempt() function with the correct field.
The same thing should be applicable for your username or mobilenumber-problem.