AWS Cognito Tutorial Part III | Session persistence & change password
Вставка
- Опубліковано 29 бер 2019
- This is part III of the AWS Cognito tutorial series. Join us in this tutorial as we finish up integration of AWS Cognito and AWS Amplify in our client app and also wire up our forgot password and change password pages.
Here is the 'Hexal Energy' starter app for this tutorial:
github.com/jspruance/aws-cogn...
AWS Amplify auth documentation:
aws-amplify.github.io/docs/js...
AWS Cognito:
aws.amazon.com/cognito/
Completed tutorial code:
github.com/jspruance/aws-cogn... - Наука та технологія
![AWS Cognito + React JS Tutorial: Changing Password (2020) [Cognito Episode #4]](http://i.ytimg.com/vi/-4axrfgbjTk/mqdefault.jpg)
This three part series was great. I'm new to Amplify and React, and I was able to follow and update a site I'm building to use this. Thanks.
Amazing video. I thought I would try Cognito for auth this time around and this tutorial is the best I've seen. Watched all three and have everything set up and ready to rock! Thanks again!
Outstanding tutorial, very clear very easy to follow. I appreciate a lot the start and final code on github.
Hi Jonathan, I have followed all 3 parts and the tutorial is very clear. Thank you for organizing so well. This course helped me a lot. I appreciate for sharing your knowledge and coding skills. Thanks again!
Thank you Jonathan. I Followed all 3 parts, very clear, helped me a lot.
Thanks Massimo, glad you found it useful : )
Yeah, I followed all 3 parts, very informative and quite helpful to my new project.
I love your series of AWS serverless :D easy to follow and focus in popular services of AWS for web development.
Clear enough for me to follow this as I make my Python + Django cognito backend. Thanks.
Thank you for this very useful video series! It helped a lot!
excellent, glad you found it helpful!
That's another awesome tutorial. I love your work man.
thanks my friend - appreciate that!
Great 3 part series! Got to be the best Cognito example due to the integration with Hexal (UI). It would be great (at least for me :-) if you did a 4th video that demonstrated the workflow of "Only allow administrators to create users" and had the Administrator send out email invitations for people to join the site. I've looked for such examples to no avail.
Hey... this is a very useful video and your channel is full of helpful content. Could you do a video on Role base access control using cognito. A sytem such as a blog which might have different type of users like admin, moderators, authors, readers etc.
Yes I need that too. I need a video as to how multiple apps can be accessed after logged in one bar. Sharing the session with other apps such as Single Sign-on.
perfect! This video helps me out! Very Very useful!
Great series. I am starting a new project which is completely based on AWS and implements various AWS services. I had previously worked on Firebase and there isn't much different between Firebase and AWS.
I will follow all your tutorials on AWS as it surely going to help me a lot.
Liked and subscribed and shared.
Thanks!
thanks my friend!
thanks for an excellent video and with lucid explaination , it is great learning experience
Awesome course, thanks a lot!
Nice tutorial. Thanks!
It is a very good guide, thanks for this!
thanks Vitaly, glad it was helpful : )
Thank you very much, helped me a lot. :)
Thanks a lot, really, you should do more stuff like this
Great tutorial, helped me a lot. I do not think it was long because you explained really well all the steps. Just one thing, In the tutorial you use the path '/changepasswordconfirmation' but in the starter app code the path is '/changepasswordconfirm'
hey Felix thanks for letting me know - this is now updated in the repo!
This one saved my day
Hello Jonathan. First of all, I would like to thank you for this amazing Cognito series, I gained a lot of knowledge from this.
I do have one issue which is out of the scope of this series, but I hope you are able to help me out: I build the application and put into s3 as static website. Whenever I click on "Login" or "Register" it throws a 404 error but doesn't give any pointers as to where the issue is. Do you have a video addressing this or do you know what I am missing? Thanks a lot!
Excellent! Thank you. It’s been a year since you made a video. Such a tragedy, I hope you are well and come back soon.
Thanks for the amazing tutorials! Btw should you check first if not empty the variable “session“ before setAuthStatus to true in app.js -> componentDidMount?
Thank you!
thank you very much man !
thanks you're great!!
Great walkthrough, is it possible to create or migrate this code to react native to support mobile app development? Thanks a lot for sharing
thanks Cloud Path for this series of tutorial. Perhaps you could continue on this series by doing something about protected routes? thanks.
great suggestion. i'll try to queue that up for a possible video as time permits!
Thanks a lot. Can you make a tutorial about preventing multiple simultaneous login to cognito?
Very nice and the descriptions are very clear. do you have a tutorial about how to add the cognito User group data to DynamoDb? Thank alot
All very interesting but the pages are always accessible, both by the user logged in and by the user not logged in. So the system does not protect pages from free access. The purpose of authentication is to direct the user to reserved pages. How can it be done?
It was cool )
Thank you! But I have a question... How can I expire the session after 1 hour of inactivity? I can continue using the application even the next day and don't know how to force the user to authenticate again.
Hi, thanks for the tutorial. I was wondering how do i go about rerouting the navigation so that if unauthenticated user tries entering the url such as the /products or /admin, they get redirected to the sign up page instead? currently your app only hides the buttons for unauthennticated users but they can still access it if they enter the URL
This is very good to me. Thank you so much. By the way, all menus in hexal pages can be accessible, even if not logged in status. So, can you show us how to hide all menus, except for Home and login page, when users are not logged in. Or role base access control system.
put this on my to do list - thanks!
@@BlockExplorerMedia any updates on this? i also want to know
How authorization in the backend works? Do you use cognito in the backend as well?
thank you, sir, for your video.
what if we use currentAuthenticatedUser whenever we need the information of user?
and if get an error we know that user is not log in anymore so we send him to login page
yes that's the ideal approach. this code should be in 'app.js' for this tutorial.
Hello
Is there a way we can set a validation that the new password that we are setting during forget password flow cant be same as the current password
similar to the change password flow ?
Cloud Path, if I simply want a login page using Cognito do I need all of your code? I don't want to allow registration, or the forgot password functionality. I plan on creating the user in the AWS console just to test the login functionality.
no you don't need all of it - just the config code and the login page - you can leave the rest out!
Greate tutorial !! how to upload this to Amplify and connect to Cognito?
Saved me hours of "not so light" reading. Thanks very much! Do you have any tutorials on the implementing Federal Identities (FaceBook) etc?
That's my goal! Nothing yet on role federation but I'll consider covering that in the future - thanks!
@@BlockExplorerMedia Thanks much! Quick question: Now that React's Context API is released, would you recommend using it for session management across pages as opposed to passing auth vars via props?
You know, I haven't looked into the Context API yet. Passing props down (and back up) through multiple levels was always my biggest pain point with React though so I'm excited to check this out - thanks for the heads up!
After I logged in, username uses user ID like hex code not regular. Also, after logged in, I clicked on any link, it is logged out automatically and session does not remain.
Hey JSpru, i used your tutorial and everything is working fine but i have one question. When i create a product, Where does this product info is stored? Thanks
hey Felix. the product data is just stored in React state in this example, so just on the client side. that's why whenever you restart the application any new data is gone. in a real world app, you'd want to go the extra step to persist the data in a database.
@@BlockExplorerMedia thank you for the quick answer, i will use dynamoDB for it
@@felixin02 great choice!
Hello! I have a suggestion.
It would be very useful if you consider to make a tutorial about AWS Step Functions and how to communicate them with Lambada Functions.
May be in future another about how to trigger a lambada function from another.
This because is very very hard to find information and examples about this topics at internet. Thanks!
i used sns (simple notification service) to trigger a lambda from another lambda function. i got the idea from this article dev.to/adnanrahic/a-crash-course-on-serverless-with-aws---triggering-lambda-with-sns-messaging-30nf
great suggestion. i haven't covered step functions yet - will add that to my todo list
The change password in the documentation needs another parameter access token how to tackle with that?
Can't the details like pool id, client id etc. be read from source code since this app lives on the browser and be used by say another app to sign up users?
Good. very useful. But how to deploy this in s3 as a static website
Very Very good tutorial, thanks man, can l use your tutorial in free tier ?!
I am not receiving verification code after forgot password. Do I have to make any changes in cognito?
Is there any document to migrate users from auth0 to Cognito without letting users know? Or will you be able to make a video on this? Thanks
Are there any courses that you can recommend for learning React?
Check out React courses by Brad Traversy on UA-cam and elsewhere. He is a pretty awesome teacher.
My logout button doesn't redirect back to the homepage, is this because of the preventDefault invocation in handleLogOut?
Example: If user is at admin page and logs out, I still see admin page, I'd rather it redirect back home after the log out.
i think it's just because I never implemented a redirect in the handleLogOut function. great idea though I will try to add that asap.
@@BlockExplorerMedia did you manage to add it?
Hey ! While i login i am able to get unrecognisable lambda output ! Can u help me solve this
Good tutorial ! But i am not able to login it shows “ unrecognisable lambda output “ ! Can u please help me to solve it ? Thanks in advance
How to convert PDF to password protected PDF and attach it to email using AWS SES?
This is not going to work if your user's account status is FORCE_CHANGE_PASSWORD. Please make a video of how to implement that part as well, because currently, you can only do that by using Cognito hosted UI.
What are limits in Congnito Can you pls explain?
probably just the fact that you are tied into the AWS ecosystem - however that can also be looked at as an advantage, as their massive, worldwide network, power and security is leveraged.
Hi Thanks for this amazing content. Thanks a lot I am facing this issue
./src/components/Navbar.js
Line 60: 'handleLogOut' is not defined no-undef
Search for the keywords to learn more about each error.
Please help me out. Thanks in advance !!
this.handleLogOut as shown in the Completed code.
Also, ChangePassword function does not work. Error says "Not authenicated". Anyone helps?
maybe u can log in as a user first, then try going to the /changepassword route to change your password
yes, you must be logged in first
Hey boss, why have you stopped making more videos like this please make some more interesting videos please please
theres so much boilerplate code in react. im glad i ditched it in favor of vue
I haven't used vue yet...need to check it out. React definitely has it's drawbacks.
great videos.
Forgot password change and change password sends the passwords in clear text. can see it in clear text in the header request payload:
PreviousPassword: "Cde456&*(", ProposedPassword: "Abc123$%^",…}
AccessToken: ""
PreviousPassword: "Cde456&*("
ProposedPassword: "Abc123$%^"
Even Forgot Password does not work. There is nothing when clicking on Submit.
It’s hilarious seeing all these fake names on here of people who don’t trust their spouses or whatever other reasons for this crap
don't understand why are you teaching people stuff if you yourself write it like a complete beginner...