Comments (3)
Hello, @brianlenz 👋. While this was opened as a bug, it looks like it's very similar to the feature request in #10393 regarding improved offline session management. Also, the behavior described here for the fetchAuthSession()
API after the app goes offline and gets restarted seems expected. When loading up (or reloading/restarting) an app, fetchAuthSession()
will attempt to get the credentials again due to them being persisted in-memory.
I'll mark this as a duplicate of #10393, but let us know if you have additional questions. Feel free to add any context, upvotes, etc. on that issue and track it for updates on this feature request too. Thanks!
from amplify-js.
@cwomack I appreciate the response! I can see how #10393 is related, but that's an old feature request from 2022 in the context of v5, whereas this is v6-specific. v5 supported what we're trying to do here, but v6 does not, so this feels more like a regression than a feature request.
I've been doing more testing, and it looks like the issue also applies to getCurrentUser()
. In v5, you could invoke Auth.currentAuthenticatedUser()
to get the current user without needing to hit the server, even if the session had expired. getCurrentUser()
, however, requires a session in order to complete, which means that if the session/token has expired, it will attempt a request to the server, so there is no way in v6 to ensure we can check a user is signed in to Amplify without an internet connection. This feels like a bug to me since it was possible in v5?
We are going to work around these limitations by reworking our logic, leveraging NetInfo and some internal state to determine if a user is signed in since we can no longer reliably rely on Amplify for that. To me, it feels like these improvements would still be warranted from an Amplify framework standpoint, but I'll leave it to you to determine how best to handle within the issues here since you know the project much better than I do 👍 Thanks!
from amplify-js.
Hi @cwomack @brianlenz ,
I am investigating an issue that might be related to the one currently being discussed. I've noticed in the code at this section:
https://github.com/aws-amplify/amplify-js/blob/main/packages/auth/src/providers/cognito/credentialsProvider/credentialsProvider.ts#L119-L148
that when guest user credentials expire, the SDK sends a request with the existing Cognito Identity ID as a parameter to getCredentialsForIdentity. Interestingly, the identity ID is replaced with the one that is returned. In my local tests, however, the same identity ID is returned even after the guest user token expires (after 1 hour). Yet, the identity ID is replaced in the if condition on line 142. Can you clarify if the guest Cognito ID can change and under what circumstances? How can we reproduce this behavior? Please let me know if you need more information, or another issue should be opened.
from amplify-js.
Related Issues (20)
- amplify/auth resetPassword succeeds but customSmsSender trigger lambda never called HOT 3
- Federated Sign-in - App Sync list query Auth Error HOT 2
- Amplify not works well if I have configuring multiple user pools with condition
- Next, js, Amplify js.fetchAuthSession({forceRefresh: true}) does not work as expected and returns tokens as undefined. How to manage a refresh token in Amplify v6 in Next.js HOT 4
- Amplify CLI Gen 2 - Multiple SortKeys combined into one input with GraphQL Generation HOT 5
- AWS storage upload issue HOT 2
- Datastore.save() sending _version of previous query model instead of current model. HOT 2
- runWithAmplifyServerContext throwing error, ⨯ Error: Cannot access Cognito.length on the server. You cannot dot into a client module from a server component. You can only pass the imported name through. HOT 4
- 6.3.3 is stable ? HOT 1
- ResizeObserver loop when navigating in the Authenticator component HOT 1
- [v6] resetPassword not trigger UserMigration lambda HOT 2
- Add timeout on GET and POST api calls for amplify v6 HOT 2
- No federated JWT token when using AppSync OIDC in Amplify Gen2 HOT 5
- Permission denied - allow.authenticated() HOT 6
- [v6] sendUserAttributeVerificationCode not send code to destination email HOT 5
- MD5 not calculating correctly when selecting file from broswer, failing with BadDigest Error HOT 3
- Auth.SignIn not allowing username only signin HOT 1
- `Hub.listen` not firing when inside `useEffect` HOT 14
- Hub should automatically fire `tokenRefresh` event through Hub HOT 1
- Google login in react native requires two login attempts to work only on production ANDROID HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amplify-js.