AWS Cognito：如何允许用户无需发送验证码即可更改电子邮件？ [英] AWS Cognito: how to allow users to change email without sending verification code?

问题描述

在我的Android应用中，我希望我的用户能够更改其电子邮件地址（用于连接到其帐户的电子邮件地址），而无需通过电子邮件获取任何验证码。

In my Android app, I want my users to be able to change their email addresses (that they use to connect to their accounts), without getting any verification code by email.

到目前为止，我设法更改了电子邮件地址，并且由于使用了lambda，请将 email_verified 设置为 true 自动。但是不幸的是，仍然发送一封带有验证码的电子邮件...

So far, I manage to change the email address, and thanks to a lambda, set email_verified to true automatically. But unfortunately, an email is still sent with a verification code...

这是我在Android应用中所做的事情：

Here is what I did in my Android app:

public void onClickChangeEmail(View view)
{
    CognitoUserAttributes attributes = new CognitoUserAttributes();
    attributes.getAttributes().put("email", "second@mail.com");
    CognitoSettings
            .getCognitoUserPool(MainActivity.this)
            .getCurrentUser()
            .updateAttributesInBackground(attributes, new UpdateAttributesHandler()
    {
        @Override
        public void onSuccess(List<CognitoUserCodeDeliveryDetails> attributesVerificationList)
        {
            Log.i("tag", "Email updated!");
        }

        @Override
        public void onFailure(Exception e)
        {
            e.printStackTrace();
        }
    });
}

在我的AWS控制台中，我在的Cognito中添加了一个触发器自定义消息，这是我的lambda函数，每次用户更新电子邮件时都会触发该函数：

And in my AWS console, I added a trigger in Cognito on Custom message, and here is my lambda function, which is triggered everytime a user updates his email:

const AWS = require('aws-sdk')
AWS.config.update({region: 'eu-central-1'});

exports.handler = (event, context, callback) => {
    if (event.triggerSource === 'CustomMessage_UpdateUserAttribute')
    {
        const params = {
            UserAttributes: [
              {
                  Name: 'email_verified',
                  Value: 'true',
              },
            ],
            UserPoolId: event.userPoolId,
            Username: event.userName,
        };
        var cognitoIdServiceProvider = new AWS.CognitoIdentityServiceProvider();
        cognitoIdServiceProvider.adminUpdateUserAttributes(params, function(err, data) {
            if (err) context.done(err, event); // an error occurred
            else context.done(null, event); // successful response
        });
    }
    else
    {
        context.done(null, event);
    }
};

我发现的唯一解决方法是抛出错误而不是 context.done （null，event）; ，但它看起来并不是一个干净的解决方案。

The only workaround I found is to throw an error instead of context.done(null, event);, but it doesn't look like a clean solution.

有没有更好更干净的方法来阻止Cognito

Is there a better and cleaner way to prevent Cognito from sending a verification email?

感谢您的帮助。

推荐答案

我正在Springboot服务中调用Cognito API，并且能够在不获取验证码的情况下更新用户的电子邮件。在我的adminUpdateUserAttributes（）方法中，我传入：

I am calling the Cognito API in my Springboot Service and I am able to update a user's email without getting a verification code. In my adminUpdateUserAttributes() method, I am passing in:

名称：'email_verified'，
值：'true'

Name: 'email_verified', Value: 'true'

与需要更新的电子邮件字段一起使用，它可以成功更新而无需发送电子邮件。也许拉达无法正常工作，或者由于这是一个老问题，所以他们已修复了该错误。

together with the email field that needs to be updated and it updates successfully without sending an email. Maybe the labda doesn't work correctly or they have fixed the bug since this is an old question.

这篇关于AWS Cognito：如何允许用户无需发送验证码即可更改电子邮件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！