amplify-js: user.completeNewPasswordChallenge is not a function

Describe the bug A clear and concise description of what the bug is.

To Reproduce Steps to reproduce the behavior:

  1. Use flat aws-exports.js structure
  2. Set Cognito up such that Only Admin creates accounts
  3. Use Amplify but not mobile hub
  4. Create an account
  5. try to change the temporary password using Auth.completeNewPassword(userFromLoginAttempt, newPassword, requiredAttributes)
  6. Responds with user.completeNewPasswordChallenge is not a function

Expected behavior Password is changed and the user can login

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: MacOS
  • Browser: Chrome
  • Version: 1.0.0

You can turn on the debug mode to provide more info for us by setting window.LOG_LEVEL = ‘DEBUG’; in your app.

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 22 (2 by maintainers)

Most upvoted comments

You can simply use the predefined amplify method like below. const currentUser = await Auth.currentAuthenticatedUser();

+6
nikhilknoldus on Sep 14, 2020

@goatandsheep When you get resolved from Auth.signIn() with that user object, you are not actually signed in because you need to complete the new password. So at that moment Auth.currentSession and Auth.currentAuthenticatedUser won’t work because you are not signed in. You need to directly use that user object returned from Auth.signIn() to help you finish the login process.

+5
powerful23 on Sep 24, 2018

Thank you. Your response helped in identifying my mistake. The user object passed to Auth.completeNewPassword was different from the one returned by signin method so it was failing. After changing to use the object returned by signin it works correctly. Confirmed in cognito console that the status of user does change correctly.

+4
sankranti2018 on Oct 19, 2018

@goatandsheep hi can you confirm that the userFromLoginAttempt object should be a CognitoUser object?

+3
powerful23 on Sep 21, 2018

I think it should be a method to create a CognitoUser instance from the returned object after stringify it and parse it again!

+2
yaayes on Mar 16, 2021

Anyone can confirm that the user object returned from signIn can be stored in the session storage via JSON.parse()? When the user sign in at the first time, I redirect the page to the change password one, however when I use the stored user object to call the completeNewPassword() it always says the error as user.completeNewPasswordChallenge is not a function

+2
aussieweever on Oct 21, 2018

Here is some manual parsing to create CognitoUser instance from the parsed object (cognitoObject):

const pool = new CognitoUserPool({
      UserPoolId: cognitoObject.pool.userPoolId,
      ClientId: cognitoObject.pool.clientId,
      endpoint: cognitoObject.client.endpoint,
      Storage: window.localStorage,
      AdvancedSecurityDataCollectionFlag: cognitoObject.advancedSecurityDataCollectionFlag,
})
const cognitoUser = new CognitoUser({
      Username: cognitoObject.username,
      Pool: pool,
      Storage: window.localStorage,
})

cognitoUser.Session = cognitoObject.Session

await Auth.completeNewPassword(cognitoUser, newPassword, cognitoObject.challengeParams)
+1
mattjarzeb on Mar 17, 2021

@mikeRChambers610 you have to pass the object returned by Auth.signIn() instead of a username string. There isn’t anything in the session yet, so @nikhilknoldus suggestion will not work

Here’s an example using React: https://gist.github.com/davekiss/9af08fde4ce2d40e306a35028583d6e5

+1
davekiss on Nov 17, 2020

I tried this (long story above - sessionstorage stores the same format as localstorage) and the object wasn’t recognized properly. It needs to be a CognitoUser object. You’re going to have to figure out how to pass it directly or put it in a 3rd party store like Redux or even Amplify Cache

+1
goatandsheep on Oct 21, 2018

you’re missing a lot in your workflow. Here let me help you out:

aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].signIn(userNameField.value, passwordField.value)
  .then(user => {
    console.log(user);
    MessagesDiv.innerHTML = "Sign in success";
    if (user.challengeName === "SMS_MFA" || user.challengeName === "SOFTWARE_TOKEN_MFA") {
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].confirmSignUp(/* TODO */)
    } else if(user.challengeName === "NEW_PASSWORD_REQUIRED"){
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].completeNewPassword( VerifyUser.value, 'NewPassword2018')
        .then(() => {
          MessagesDiv.innerHTML = "Sign in success. Password updated";
          console.log('Password updated');
        })
        .catch(e => {
            MessagesDiv.innerHTML = "failed with error" + e;
            console.log('failed with error', e);
        });
    } else if (typeof user.challengeName !== 'undefined') {
      console.error(user.challengeName)
    }
    function checkUser(user) {
      aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].verifiedContact(user)
        .then((data) => {
          console.log("verification result", data);
          if (Object.keys(data.verified).length > 0) {
            console.log("Successful login")
          } else {
            aws_amplify__WEBPACK_IMPORTED_MODULE_0__["Auth"].verifyContact(/* TODO */)
          }
        }
    }
    checkUser(user)
+1
goatandsheep on Oct 18, 2018
Read more comments on GitHub
← amplify-js: User object not detected in Remix.js SSR
amplify-js: user.sendCustomChallengeAnswer is not a function →