I'm trying to create a function which allows me to update a user's phone number in a Cognito User Pool. The code is in a NodeJS application, using the latest aws-sdk library.
I have this function callback structure working for a number of other actions against the user pool, e.g. creating and listing users, updating MFA, etc. So I am confident there's nothing structurally wrong with the way I have laid the code out.
But for this particular function, I am receiving an error that says AdminUpdateUserAttributes "is not a function".
I've tried changing different attributes in case it's a phone number thing, but I got the same result.
function cognitoUpdatePhone(username, phoneNumber, callback) {
var params = {
UserPoolId: '<my pool Id>',
Username: username,
UserAttributes: {
phone_number: phoneNumber
}
};
var cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider();
cognitoidentityserviceprovider.AdminUpdateUserAttributes(params, function (err, data) {
if (err) {
callback(err, false);
}
else {
callback(null, true);
}
});
}
I'm getting following response from the server. The stack trace indicates the source of the error is: aws-sdk/lib/state_machine.js
message: 'cognitoidentityserviceprovider.AdminUpdateUserAttributes is not a function',
code: 'TypeError',
Encountered the exact same problem. Solved it by changing the first letter of the function to lowercase: adminUpdateUserAttributes
Try using this:
var cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider({apiVersion: '2016-04-18'});
Related
I'm entirely new to coding. I've looked around a bit, but not found anything relevant.
When logging into keystone to view our mongoDB database I get an error message saying:
Something went wrong; please refresh your browser and try again.
Doing that does not help. Neither does deleting the browser history or attempting from another lap top.
Looking at the javascript console in the browser, the error states invalid csrf.
I think this is the relevant source code in the keystone folder:
handleSubmit (e) {
e.preventDefault();
// If either password or mail are missing, show an error
if (!this.state.email || !this.state.password) {
return this.displayError('Please enter an email address and password to sign in.');
}
xhr({
url: `${Keystone.adminPath}/api/session/signin`,
method: 'post',
json: {
email: this.state.email,
password: this.state.password,
},
headers: assign({}, Keystone.csrf.header),
}, (err, resp, body) => {
if (err || body && body.error) {
return body.error === 'invalid csrf'
? this.displayError('Something went wrong; please refresh your browser and try again.')
: this.displayError('The email and password you entered are not valid.');
} else {
// Redirect to where we came from or to the default admin path
if (Keystone.redirect) {
top.location.href = Keystone.redirect;
} else {
top.location.href = this.props.from ? this.props.from : Keystone.adminPath;
}
}
});
},
How can I go about solving this / debugging the error? Thanks for any help!
This usually happens when session affinity fails. Are you using default in-memory session management? Maybe, try using a database for maintaining session state.
If you use MongoDB, Try the following config setting
'session store': 'mongo',
See 'session store' section under http://keystonejs.com/docs/configuration/#options-database for more details.
When I try to register as a new user I get an error message saying invalid username or password which makes me think the app is trying to login when it should be trying to register.
The form:
form(class='form-auth' ng-submit='register()')
p(class='text-warning'){{error_message}}
label(for='email') Email
input(type="email", ng-model='users.email', name="email", placeholder='Email')
label(for='password') Password
input(type="password", ng-model='users.password', name="password", placeholder='Password')
input(type="submit" class='submitBtn' value='Go')
The 'register' controller (in file 'myApp.js' in the public Javascript directory)
app.controller('authController', function($scope, $rootScope, $http, $location){
$scope.user = {email: '', password: ''};
$scope.error_message = '';
$scope.register = function(){
$http.post('/auth/signup', $scope.user).success(function(data){
if(data.state == 'success'){
$rootScope.authenticated = true;
$rootScope.current_user = data.user.username;
$location.path('/');
}
else{
$scope.error_message = data.message;
}
});
};
});
I've got auth and passport in the main app.js file. I have a login function above the register one but it seems to be closed properly. Is there something wrong here?
The ng-model of the inputs should be "user.email, user.password" instead of "users.email, users.password" like its in your controller $scope.user.
Like $scope.users doesnt exist, empty values are sent to the backend.
I'm doing Login Page in worklight using JavaScript and jquery, the username and password should validate the data getting from JSONstore?
How to store the data locally using JSONStore in worklight and how does i get the data from JSONStore while validating the username and password?
In below code where my data will store and get, if the username and password has typed where it validate:
var collections = {
people : {
searchFields : {name: 'string'}
},
orders : {
searchFields: {name: 'string'}
}
};
WL.JSONStore.init(collections)
.then(function () {
return WL.JSONStore.init(collections);
})
.then(function () {
return WL.JSONStore.init(collections);
})
.then(function () {
alert('Multiple inits worked');
})
.fail(function (err) {
lert('Multiple inits failed' + err.toString());
});
How to solve the issue?
You really should never ever store username and password locally in the device. That does not sound very secure...
Additionally, where is the username and password coming from? How should the logic be able to validate the credentials? It needs to compare whatever is inputted with something, to know that it is correct. An implementation cannot be done without otherwise, so you need to provide the answer to this...
In the meanwhile, you can take a look at the following tutorial: Offline Authentication.
The included sample application assumes you have first authenticated with a backend system, and later allows for authenticating locally, "offline", in case an Internet connection is not available. For this it uses JSONStore to securely authenticate.
The tutorial include a thorough implementation example, be sure to follow it, and to provide the missing information in your question.
This tutorial explains how to use the JSONStore API, including the Add method: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-1/foundation/data/jsonstore/jsonstore-javascript-api/
var collectionName = 'people';
var options = {};
var data = {name: 'yoel', age: 23};
WL.JSONStore.get(collectionName).add(data, options).then(function () {
// handle success
}).fail(function (error) {
// handle failure
});
Hello it's my first time doing a sign in process in a mobile app with Titanium and I wonder what information should I save and the best practice to do it?
My server is configured in this way:
The server requires I send a user and password and if the information match it will provide a token session.
This is the code I use for signing in:
function signIn(e) {
//function to use HTTP to connect to a web server and transfer the data.
var sendit = Ti.Network.createHTTPClient({
onerror : function(e) {
Ti.API.debug(e.error);
alert('There was an error during the connection');
},
timeout : 100000,
});
//Here you have to change it for your local ip
sendit.open('POST', 'http://myserver');
var params = {
user : $.txtUsuario.value,
password : $.txtPassword.value
};
sendit.send(params);
//Function to be called upon a successful response
sendit.onload = function() {
var json = this.responseText;
var response = JSON.parse(json);
if (response.success == "true")
{
var landing = Alloy.createController("menu").getView();
$.index.close();
landing.open();
}
else
{
alert(response);
}
};
};
the code above is working, however I do not know how to manage the sign out. I would like my application works like the most apps do, e.g:
You sign in once and after that if you do not close the app you are able to continues using it and even making a request.
Thank you for any explanation.
It depends on your app requirements. for exemple if you will use the token in your app later you can save it as an AppProperty :
Ti.App.Properties.setString('token',yourTokenGoHere);
and in the app starting you can get it back :
var myToken = Ti.App.Properties.getString('token');
and then you can make a test for example if the token is still valid or not :
if(myToken === 'invalidtoken')
youSholdLogin();
else
youCanGoFurther();
and when the user disconnect rest the token to be invalid :
Ti.App.Properties.setString('token', 'invalidtoken');
I am trying to create the following authentication for an app:
User enters phone number and receives an SMS with a code generated in the server (the SMS is handled through an external service). If the user enters the right code he is logged in.
This means I must have two login stages: registering user with a phone and logging him in with the code, so this is what I think the client should look like:
Meteor.getSmsCode = function(phone, username, callback) {
Accounts.callLoginMethod({
methodName: 'getsmscode',
methodArguments: [{
getsmscode: true,
phone: phone,
username: username
}],
userCallback: callback
});
};
Meteor.loginWithCode = function(phone, code, callback) {
Accounts.callLoginMethod({
methodName: 'login',
methodArguments: [{
hascode: true,
phone: phone,
code: code
}],
userCallback: callback
});
};
But I am confused about the server side - there should be two methods:
the first should only register a user (and communicate with the SMS service) and second should log him in.
This is the server test code for now:
Meteor.users.insert({phone: '123456789', code: '123', username:'ilyo'});
Accounts.registerLoginHandler(function(loginRequest) {
var user = Meteor.users.findOne({phone: loginRequest.phone});
if(user.code !== loginRequest.code) {
return null;
}
var stampedToken = Accounts._generateStampedLoginToken();
var hashStampedToken = Accounts._hashStampedToken(stampedToken);
Meteor.users.update(userId,
{$push: {'services.resume.loginTokens': hashStampedToken}}
);
return {
id: user._id,
token: stampedToken.token
};
});
And this is what happens when I try it:
Why an I getting the 500?
Why doesn't the user have a code and phone fields?
What method should I use for the getSmsCode?
Meteor.createUser is described on How can I create users server side in Meteor?
Then, the Accounts.onCreateUser would contain business logic http://docs.meteor.com/#accounts_oncreateuser
A more exact message for the 500 would be on the server-side stdout. Probably security.
Your Login Handler must return an object as follows:
{ userId: user._id }
Sorry I don't elaborate in the whole problem, I don't agree on your full approach but looks you are in the right path to get the feature you need.
Also, this question is one year old, now there are a few packages at atmosphere that address this kind of authentication =)