0
votes

I have created a Lambda function that gets triggered in the PreSignUp phase of AWS Cognito and checks whether the signup email ends in a certain domain prior to allowing the user to sign up. I am using amazon-cognito-identity-js v3.0.11 to make the signup and authentication requests.

I have previously signed up and confirmed the user. But I have also deleted the user from the User Pool. When I try to sign up using the same email address, the user email is already marked as confirmed without the user even clicking on the link to verify the email. There are additional client-side calls made once the user signs up. A JWT token is also returned that has email_verified set to true. How do I prevent the auto verification of the email address? Or is it that once a user's email is confirmed, it will remain confirmed even after the user is deleted from the User Pool?

Pre Signup Lambda Function:

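exports.handler = async (event) => {
    console.log('Incoming Event: ', JSON.stringify(event));
    // Allow the sign-up only for the expected region, user pool and app client,
    // and only when the email attribute ends in the permitted domain.
    if (
        event.region === 'us-east-1'
        && event.userPoolId === 'us-east-1_xxxxxxxxx'
        && event.callerContext
        && event.callerContext.clientId === 'xxxxyyyyzzzz'
        && event.request
        && event.request.userAttributes
        && event.request.userAttributes.email
        && event.request.userAttributes.email.endsWith('@example.com')
    ) {
        // Returning the event unchanged lets Cognito continue the sign-up.
        return event;
    } else {
        // Throwing an error rejects the sign-up.
        throw new Error("Invalid Request");
    }
};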

Event for Pre Signup:

{
    "version": "1",
    "region": "us-east-1",
    "userPoolId": "us-east-1_xxxxxxxxx",
    "userName": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "callerContext": {
        "awsSdkVersion": "aws-sdk-unknown-unknown",
        "clientId": "xxxxyyyyzzzz"
    },
    "triggerSource": "PreSignUp_SignUp",
    "request": {
        "userAttributes": {
            "email": "[email protected]"
        },
        "validationData": {}
    },
    "response": {
        "autoConfirmUser": false,
        "autoVerifyEmail": false,
        "autoVerifyPhone": false
    }
}

1 Answer

0
votes

In the following scenario, the user's email will already be confirmed.

  • User has previously confirmed their email address.
  • User is deleted from UserPool.
  • User signs up again.

It is possible that an email is confirmed only once per UserPool.
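
Added example, not part of the question or the answer: a Pre sign-up check that pins the three response flags from the event above to false, plus a diagnostic reader for the email_verified claim, so the trigger can be ruled out as the source of the verified flag. ALLOWED_DOMAIN, checkSignUp, handler, emailVerifiedClaim, makeUnsignedToken and the sample data are hypothetical and constructed for illustration.

```javascript
// Added example, not the asker's code. All names and sample data here are
// hypothetical and constructed for illustration.
const ALLOWED_DOMAIN = 'example.com';

// Core of a Pre sign-up trigger: throw to reject, return the event to allow.
function checkSignUp(event) {
  const raw = event && event.request && event.request.userAttributes
    ? event.request.userAttributes.email : '';
  const email = String(raw || '').trim().toLowerCase();
  const at = email.lastIndexOf('@');
  // Exactly one '@', a non-empty local part, and an exact domain match.
  if (at < 1 || email.indexOf('@') !== at || email.slice(at + 1) !== ALLOWED_DOMAIN) {
    throw new Error('Invalid Request');
  }
  // Pin the three response flags shown in the event above, so this trigger
  // can never be what confirms the user or verifies the email.
  event.response = Object.assign({}, event.response, {
    autoConfirmUser: false, autoVerifyEmail: false, autoVerifyPhone: false,
  });
  return event;
}

// In the Lambda this would be assigned to exports.handler.
const handler = async (event) => checkSignUp(event);

// Diagnostic only: reads email_verified from a token payload WITHOUT checking
// the signature. Never use this to make an authorization decision.
function emailVerifiedClaim(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8')).email_verified;
}

// Constructed sample token (placeholder signature), for offline runs only.
function makeUnsignedToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return [enc({ alg: 'none' }), enc(claims), 'sig'].join('.');
}

// Constructed event modelled on the one in the question.
const sampleEvent = {
  triggerSource: 'PreSignUp_SignUp',
  request: { userAttributes: { email: 'Alice@Example.com' }, validationData: {} },
  response: { autoConfirmUser: true, autoVerifyEmail: true, autoVerifyPhone: false },
};
```

If the flags leave this function as false and the ID token still carries email_verified set to true, the verified state is being set somewhere other than this trigger.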