def _initiateAuth(self, email, password):
client = boto3.client('cognito-idp',
aws_access_key_id=self._conf.ACCESSKEYID,
aws_secret_access_key=self._conf.SECRETACCESSKEY)
hashVal = secretHash(email + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
try:
# boto3.set_stream_logger('botocore', level='DEBUG')
resp = client.admin_initiate_auth(
UserPoolId=self._conf.USER_POOL_ID,
ClientId=self._conf.CLIENT_ID,
AuthFlow='ADMIN_USER_PASSWORD_AUTH',
AuthParameters={
'USERNAME': email,
'SECRET_HASH': hashVal,
'PASSWORD': password,
},
ClientMetadata={
'username': email,
'password': password,
})
except client.exceptions.NotAuthorizedException:
return None, 'The email or password is incorrect'
except client.exceptions.UserNotConfirmedException:
return None, 'User is not confirmed'
except Exception as e:
return None, e.__str__()
return resp, None
def doResend(self, email):
boto3.setup_default_session(region_name=self._conf.REGION)
client = boto3.client('cognito-idp')
status, error = self._checkUserConfirmed(client, email)
if error is not None:
return {'status': 'error', 'error': error}
else:
if status == 'UNCONFIRMED':
try:
hashVal = secretHash(email + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
client.resend_confirmation_code(
ClientId=self._conf.CLIENT_ID,
SecretHash=hashVal,
Username=email)
except client.exceptions.UserNotFoundException:
return {'status': 'error', 'error': 'User does not exists'}
except Exception as e:
return {
'status': 'error',
'error': f'Unknown error {e.__str__()}'
}
elif status == 'CONFIRMED':
return {
'status': 'error',
'error': 'User is already confirmed'
}
else:
return {'status': 'error', 'error': 'User is in other state'}
return {'status': 'ok', 'message': 'Code sent again'}
def _refreshAuth(self, refreshToken, cognitoUUID):
client = boto3.client('cognito-idp',
aws_access_key_id=self._conf.ACCESSKEYID,
aws_secret_access_key=self._conf.SECRETACCESSKEY)
hashVal = secretHash(cognitoUUID + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
try:
boto3.set_stream_logger('botocore', level='DEBUG')
resp = client.admin_initiate_auth(
UserPoolId=self._conf.USER_POOL_ID,
ClientId=self._conf.CLIENT_ID,
AuthFlow='REFRESH_TOKEN_AUTH',
AuthParameters={
'REFRESH_TOKEN': refreshToken,
'SECRET_HASH': hashVal
})
except client.exceptions.NotAuthorizedException as e:
return None, e.__str__()
except client.exceptions.UserNotConfirmedException:
return None, 'User is not confirmed'
except Exception as e:
return None, e.__str__()
return resp, None
def doConfirmCode(self, email, code):
boto3.setup_default_session(region_name=self._conf.REGION)
client = boto3.client('cognito-idp')
try:
hashVal = secretHash(email + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
client.confirm_sign_up(
ClientId=self._conf.CLIENT_ID,
SecretHash=hashVal,
Username=email,
ConfirmationCode=code,
ForceAliasCreation=False,
)
except client.exceptions.UserNotFoundException:
return {'status': 'error', 'error': 'User does not exists'}
except client.exceptions.CodeMismatchException:
return {'status': 'error', 'error': 'Invalid Verification code'}
except client.exceptions.NotAuthorizedException:
return {'status': 'error', 'error': 'User is already confirmed'}
except Exception as e:
return {'status': 'error', 'error': f'Unknown error {e.__str__()}'}
return {'status': 'ok', 'message': 'Code verificated!'}
def doRecoverPasswordConfirm(self, email, newpassword, code):
boto3.setup_default_session(region_name=self._conf.REGION)
client = boto3.client('cognito-idp')
try:
hashVal = secretHash(email + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
client.confirm_forgot_password(ClientId=self._conf.CLIENT_ID,
SecretHash=hashVal,
Username=email,
ConfirmationCode=code,
Password=newpassword)
except client.exceptions.UserNotFoundException:
return {'status': 'error', 'error': 'Username does not exists'}
except client.exceptions.CodeMismatchException:
return {'status': 'error', 'error': 'Invalid Verification code'}
except client.exceptions.NotAuthorizedException:
return {'status': 'error', 'error': 'User is already confirmed'}
except Exception as e:
return {'status': 'error', 'error': f'Unknown error {e.__str__()}'}
return {
'status': 'ok',
'message': 'Password has been changed successfully'
}
def doSignUp(self, name, email, password, birthdate, phoneNumber, address):
username = email
boto3.setup_default_session(region_name=self._conf.REGION)
client = boto3.client('cognito-idp')
try:
hashVal = secretHash(username + self._conf.CLIENT_ID,
self._conf.CLIENT_SECRET)
resp = client.sign_up(ClientId=self._conf.CLIENT_ID,
SecretHash=hashVal,
Username=username,
Password=password,
UserAttributes=[{
'Name': 'name',
'Value': name
}, {
'Name': 'email',
'Value': email
}, {
'Name': 'phone_number',
'Value': phoneNumber
}, {
'Name': 'family_name',
'Value': 'Latter Pay'
}, {
'Name': 'birthdate',
'Value': birthdate
}, {
'Name': 'address',
'Value': address
}],
ValidationData=[{
'Name': 'email',
'Value': email
}, {
'Name': 'custom:username',
'Value': username
}])
print(resp)
except client.exceptions.UsernameExistsException:
return {
'status': 'error',
'error': 'This user already exists',
'data': None
}
except client.exceptions.InvalidPasswordException:
return {
'status': 'error',
'error': 'Password should have Caps, Special chars, Numbers',
'data': None
}
except client.exceptions.UserLambdaValidationException:
return {
'status': 'error',
'error': 'Email already exists',
'data': None
}
except Exception as e:
return {'status': 'error', 'error': str(e), 'data': None}
return {
'status': 'ok',
'message': 'Please check Email for validation code',
'data': None
}