Change temporary password - chicken and egg???
See original GitHub issueOK, this is a really stupid and basic question…
- Create a new user in a user pool.
- User tried to authenticate using temporary password.
- Exception is raised about force password change
- Try to change password - Can’t without access token
Can’t get an access token without authenticating. Can’t get access token without changing password.
How do we get around this?
I see a number of posts here 25, 13, 14 and 29 but is is still not making sense to my noobie brain.
import boto3
from warrant import Cognito
identity_pool_id = 'us-east-1_XXXXXXXXXX'
app_client_id = 'XXXXXXXXXXXXXXXXXXXXXXX'
username = 'erics'
password = 'XXXXXXXX'
new_password = 'newXXXXXXXX'
cog = Cognito(identity_pool_id, app_client_id, username)
try:
cog.authenticate(password=password)
except:
cog.change_password(password, new_password)
Traceback (most recent call last): File "C:\Users\Eric\Documents\cognito.py", line 15, in <module> cog.change_password(password, new_password) File "C:\Users\Eric\AppData\Local\Programs\Python\Python36\lib\site-packages\warrant\__init__.py", line 613, in change_password self.check_token() File "C:\Users\Eric\AppData\Local\Programs\Python\Python36\lib\site-packages\warrant\__init__.py", line 253, in check_token raise AttributeError('Access Token Required to Check Token') AttributeError: Access Token Required to Check Token
Issue Analytics
- State:
- Created 6 years ago
- Comments:8 (4 by maintainers)
Don’t use except without a specific exception.
When this exception occurs you need to call
set_new_password_challenge(new_password)
https://github.com/capless/warrant/blob/master/warrant/aws_srp.py#L224@flycast it’s a bad practice to use ‘*’ in imports, be patient with it.