Sign-Up

Generate the username on the front end as a UUID v5 derived from the email, using UsernameID as the namespace, and send the email as a user attribute.

import { v5 as uuidv5 } from 'uuid';
import { signUp as cognitoSignUp } from 'aws-amplify/auth';

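// usernameID is the application's UUID v5 namespace: a constant, valid UUID string
// that must be defined elsewhere in the app (its value is not shown on this page).
const getUserIdByEmail = (email: string) => uuidv5(email, usernameID);

const signUp = async ({ email, password }: { email: string; password: string }) => {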
    const response = await cognitoSignUp({
        username: getUserIdByEmail(email),
        password: password,
        options: {
            userAttributes: {
                email: email
            }
        }
    });
    return response;
};

Confirm Sign-Up

Because the username is a UUID v5, confirming sign-up requires sending that same username, regenerated on the front end from the email.

import { v5 as uuidv5 } from 'uuid';
import { confirmSignUp as cognitoConfirmSignUp } from 'aws-amplify/auth';

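// Same derivation and the same usernameID namespace as in sign-up, so the username matches.
const getUserIdByEmail = (email: string) => uuidv5(email, usernameID);

const confirmSignUp = async ({ email, code }: { email: string; code: string }) => {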
    const response = await cognitoConfirmSignUp({
        username: getUserIdByEmail(email),
        confirmationCode: code
    });

    return response;
};

Sign-In

To sign in, you can send either a phone number, email, or a username: Sign-In.

However, be aware that during sign-up a user can leave the app without confirming their email. When they later try to sign in, you cannot send the email as the identifier, since it is unconfirmed.

The solution is to send a generated username or phone number.

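import { signIn } from 'aws-amplify/auth';

// selectedType, phoneNumber, email and password come from the sign-in form state.
// For email sign-in, send the generated username rather than the raw email.
const username = selectedType === 'phone' ? phoneNumber : getUserIdByEmail(email);

const response = await signIn({
    username,
    password: password
});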
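
The derivation that sign-up, confirmation and sign-in above all depend on, as an added example that is not part of the original page: it implements UUID v5 in JavaScript with Node's built-in crypto in place of the uuid package, and normalizes the email first, since a case or whitespace difference would otherwise produce a different username. USERNAME_ID is a constructed placeholder for the page's usernameID, and normalizeEmail is a hypothetical helper.

```javascript
const { createHash } = require('node:crypto');

// Constructed placeholder namespace; the page's real usernameID value is not shown.
const USERNAME_ID = '00000000-0000-4000-8000-000000000001';

const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// RFC 4122 name-based UUID, version 5: SHA-1 over namespace bytes followed by name bytes.
function uuidV5(name, namespace) {
  if (!UUID_RE.test(namespace)) throw new TypeError('namespace must be a UUID');
  const nsBytes = Buffer.from(namespace.replace(/-/g, ''), 'hex');
  const hash = createHash('sha1').update(nsBytes).update(name, 'utf8').digest();
  const b = hash.subarray(0, 16);   // keep the first 128 bits of the digest
  b[6] = (b[6] & 0x0f) | 0x50;      // set version nibble to 5
  b[8] = (b[8] & 0x3f) | 0x80;      // set RFC 4122 variant bits
  const h = b.toString('hex');
  return `${h.slice(0, 8)}-${h.slice(8, 12)}-${h.slice(12, 16)}-${h.slice(16, 20)}-${h.slice(20)}`;
}

// Hypothetical helper. Assumption: the app treats emails as case-insensitive,
// so every flow must reduce the typed value to one canonical form.
function normalizeEmail(email) {
  if (typeof email !== 'string') throw new TypeError('email must be a string');
  const e = email.trim().toLowerCase();
  if (!/^[^\s@]+@[^\s@]+$/.test(e)) throw new RangeError('not an email address');
  return e;
}

// Same role as the page's getUserIdByEmail, with normalization added.
function getUserIdByEmail(email, namespace = USERNAME_ID) {
  return uuidV5(normalizeEmail(email), namespace);
}
```

If accounts were already created from un-normalized emails, their usernames will not match the normalized derivation, so apply normalization before the first sign-up or migrate existing users.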

Forgot Password

Similar to sign-in, you can send a phone number or email: Reset Password.

If the user is unconfirmed, they must first confirm their account and then request a password recovery code.

This is possible only by sending the generated username and receiving the corresponding error stating that the user is unconfirmed.

Phone Number

To add a phone number, the user must first confirm their email, after which they are authenticated and able to use our API.

The POST /client route is used to create a user in our database. When a phone number is included, it also triggers the Cognito flow that confirms the phone number attribute and sends a confirmation code via SMS.

After the POST /client route has been triggered successfully, we must either verify the attribute (Verify User Attribute) or request another code (Send Verification Code).

If a wrong number was entered, it is possible to change it by using the PATCH /client route and then confirm it.