How to allow my user to reset their password on Cognito User Pools?

Question

So in my app I obviously want to provide the means for users to reset their passwords. The issue I\'m having though is that the new documentation for User Pools is pretty ambigu

Answer 1

I had this same issue. Was able to work through it by using confirmPassword() in the following way.

//validation of input from form
req.checkBody('email', 'Username is required').notEmpty();
req.checkBody('password', 'Password is required').notEmpty();
req.checkBody('confirmationcode', 'Confirmation Code is required').notEmpty();


var confirmationCode = req.body.confirmationcode;
var password = req.body.password;
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);


var userData = {
    Username: req.body.email,
    Pool: userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);

cognitoUser.confirmPassword(confirmationCode, password, {
    onFailure(err) {
        console.log(err);
    },
    onSuccess() {
        console.log("Success");
    },
});

Answer 2

Resetting the password with forgot password flow has two steps:

1. Start the process by requesting for a verification code from the service. A code will be delivered to the user's phone/email.
2. Set the new password using the delivered verification code.

Use these two functions to perform the above steps and reset the password:

1. cognitoUser.forgotPassword(): This will start the forgot password process flow. The service generates a verification code and sends it to the user. The "data", returned through callback.inputVerificationCode(data), indicates where the verification code was sent.

2. cognitoUser.confirmPassword(): Use the delivered verification code with this function to set a new password.

Answer 3

AWS' docs are terrible on this topic (Cognito). You basically need to setup cognitoUser, then call forgotPassword

export function resetPassword(username) {
    // const poolData = { UserPoolId: xxxx, ClientId: xxxx };
    // userPool is const userPool = new AWSCognito.CognitoUserPool(poolData);

    // setup cognitoUser first
    cognitoUser = new AWSCognito.CognitoUser({
        Username: username,
        Pool: userPool
    });

    // call forgotPassword on cognitoUser
    cognitoUser.forgotPassword({
        onSuccess: function(result) {
            console.log('call result: ' + result);
        },
        onFailure: function(err) {
            alert(err);
        },
        inputVerificationCode() { // this is optional, and likely won't be implemented as in AWS's example (i.e, prompt to get info)
            var verificationCode = prompt('Please input verification code ', '');
            var newPassword = prompt('Enter new password ', '');
            cognitoUser.confirmPassword(verificationCode, newPassword, this);
        }
    });
}

// confirmPassword can be separately built out as follows...  
export function confirmPassword(username, verificationCode, newPassword) {
    cognitoUser = new AWSCognito.CognitoUser({
        Username: username,
        Pool: userPool
    });

    return new Promise((resolve, reject) => {
        cognitoUser.confirmPassword(verificationCode, newPassword, {
            onFailure(err) {
                reject(err);
            },
            onSuccess() {
                resolve();
            },
        });
    });
}