Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

SMS Verification Resend

See original GitHub issue

Describe the bug

Resending the verification code for a user during MFA using SMS seems to be broken.

As for some context, we’re currently using this Amplify function: https://github.com/aws-amplify/amplify-js/blob/master/packages/auth/src/Auth.ts#L269

To Reproduce

Say we have the flow of: 1: User signs up with an email/password, they confirm they own the email and login 2: Once logged in, User requests to setup MFA via SMS 3: User types in phone number which is saved against cognito under ‘phone_number’ 4: We dispatch a text message to check ownership of the phone as ‘phone_number_verified’ is false 5: User enters the code, changing ‘phone_number_verified’ to true if correct. 6: Everytime the user logs in, they are prompted for verification over SMS

If the user however closes the session AT step 5, they need to be able to request resending of the code (as it may expire or never got to them). At this stage, we have a ‘phone_number’ field populated and a ‘phone_number_verified’ field which is false (as they never received the code).

However, on this stage where ‘phone_number_verified’ is false with a populated ‘phone_number’, we receive from the ‘resendSignUp’ function: {"__type":"InvalidParameterException","message":"User is already confirmed."}

Expected behavior We should receive a text message again once clicking ‘resend’ if there is a false value on either ‘email_verified’ or ‘phone_number_verified’ being false. If ‘email_verified’ is false, send an email… if ‘phone_number_verified’ is false, send an SMS

Issue Analytics

State:
Created 5 years ago
Reactions:11
Comments:12 (10 by maintainers)

Top GitHub Comments

3reactions

powerful23commented, Oct 29, 2018

@mrowles yeah pls, I think that would be a feature request.

1reaction

powerful23commented, Sep 12, 2018

@CHR15- the flow should be like:

The user has the attribute updated: ‘phone_number’. At that time the ‘phone_number’ is not verified.
The user wants to verify the phone_number, at that time, call

Auth.verifyCurrentUserAttributes('phone_number')
.then(() => {
     console.log('a verification code is sent');
}).catch(e) => {
     console.log('failed with error', e);
});

The user inputs the verification code, call

Auth.verifyCurrentUserAttributeSubmit('phone_number', 'the_verification_code')
.then(() => {
     console.log('phone_number verified');
}).catch(e) => {
     console.log('failed with error', e);
});