How to Differentiate Wrong Password for Unverified User in AWS Cognito SignIn?

Problem:

I’m working with AWS Cognito and implementing user authentication in my react-native app using the aws-amplify library (Gen2 API, version 6.6.0). My flow includes user registration and sign-in using an email and password. Here’s the scenario I’m struggling with:

  1. Sign Up Flow:
  • User signs up with an email and password.
  • Cognito sends a confirmation code to the user’s email for verification (CONFIRM_SIGN_UP).
  • The user closes the app without completing the confirmation process.
  2. Sign In Flow:
  • The user comes back, tries to sign in using the same email and password without confirming their account.
  • If the user tries to sign up again, I get the “User already exists” error, which is expected.
  • Then, they proceed to sign in. If the password is correct, I get nextStep value as ‘CONFIRM_SIGN_UP’, which tells the user to complete the sign-up process by verifying their email.
  • However, if the password is wrong, I get the same nextStep: ‘CONFIRM_SIGN_UP’ instead of any error about the password being incorrect.

The Issue:

When a user signs in and hasn’t verified their email, Cognito returns nextStep: ‘CONFIRM_SIGN_UP’ regardless of whether the password is correct or not.
It should give an ‘invalid credentials’ error if the password used for signIn is different from the one used during signUp, even if the user has not verified previously.

How do I differentiate between a wrong password and an unverified account when the user hasn’t completed the verification?

PS: Please note that I am facing this issue in the Gen2 APIs. I have checked it with the previous version 5.2.5, where it worked, but it does not work with 6.6.0.

My Current Code:

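import { signIn } from 'aws-amplify/auth';

// SignInCognitoParams and saveAuthTokenAndEmail are defined elsewhere in the app.
export async function signInCognito({
  email,
  password,
  onError = () => {},
  onSuccess = () => {},
}: SignInCognitoParams) {
  try {
    const { isSignedIn, nextStep, ...rest } = await signIn({
      username: email,
      password,
    });
    // Log the outcome only; the plaintext password is kept out of the logs.
    console.log(isSignedIn, nextStep, email, rest);

    if (isSignedIn) {
      await saveAuthTokenAndEmail(email);
      onSuccess({ isSignedIn, nextStep });
    }

    // For an unconfirmed user, isSignedIn is false and nextStep reports CONFIRM_SIGN_UP.
    return isSignedIn;
  } catch (error) {
    onError(error as object);
    return false;
  }
}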
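
Added example, not part of the original question and not Amplify's own code: one way to handle the flow described above is to treat `CONFIRM_SIGN_UP` as saying nothing about the password, confirm the account, and only then sign in again, which is the first attempt that can report rejected credentials. `AuthApi`, `Outcome` and `makeFakeCognito` are hypothetical names; the fake is a constructed in-memory stand-in that models the behaviour reported in the post, and `NotAuthorizedException` is the error name Cognito uses for a rejected password.

```typescript
// Added example, not code from the post. AuthApi is a hypothetical seam: in the
// app, pass { signIn, confirmSignUp } imported from 'aws-amplify/auth'.
type Creds = { username: string; password: string };
type SignInResult = { isSignedIn: boolean; nextStep: { signInStep: string } };
type AuthApi = {
  signIn(input: Creds): Promise<SignInResult>;
  confirmSignUp(input: { username: string; confirmationCode: string }): Promise<unknown>;
};
type Outcome = 'SIGNED_IN' | 'NEEDS_CONFIRMATION' | 'BAD_CREDENTIALS' | 'OTHER_STEP';

async function attemptSignIn(api: AuthApi, creds: Creds): Promise<Outcome> {
  try {
    const { isSignedIn, nextStep } = await api.signIn(creds);
    if (isSignedIn) return 'SIGNED_IN';
    // Per the post, this step comes back for right and wrong passwords alike,
    // so it says nothing about the password: route to the code-entry screen.
    if (nextStep.signInStep === 'CONFIRM_SIGN_UP') return 'NEEDS_CONFIRMATION';
    return 'OTHER_STEP'; // e.g. MFA or a forced password change
  } catch (err) {
    // Cognito reports a rejected password as NotAuthorizedException.
    if ((err as { name?: string } | null)?.name === 'NotAuthorizedException') return 'BAD_CREDENTIALS';
    throw err;
  }
}

// Confirm the account, then sign in again with the password the user typed.
// This second attempt is the first one that can report a wrong password.
async function confirmThenSignIn(api: AuthApi, creds: Creds, code: string): Promise<Outcome> {
  await api.confirmSignUp({ username: creds.username, confirmationCode: code });
  return attemptSignIn(api, creds);
}

// Constructed in-memory stand-in that models the behaviour described in the post.
function makeFakeCognito(password: string, code: string): AuthApi {
  let confirmed = false;
  return {
    async signIn(input) {
      if (!confirmed) return { isSignedIn: false, nextStep: { signInStep: 'CONFIRM_SIGN_UP' } };
      if (input.password !== password) {
        throw Object.assign(new Error('Incorrect username or password.'), { name: 'NotAuthorizedException' });
      }
      return { isSignedIn: true, nextStep: { signInStep: 'DONE' } };
    },
    async confirmSignUp(input) {
      if (input.confirmationCode !== code) {
        throw Object.assign(new Error('Invalid verification code'), { name: 'CodeMismatchException' });
      }
      confirmed = true;
    },
  };
}
```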