fix(auth): handle sign-in attempts from emails with no password (#933)

* fix(auth): dont reject promise when missing password * fix(auth): use static fallback error message
2025-09-17 17:24:35 +02:00 · 2021-02-15 09:34:40 +01:00
parent 8a7fa00164
commit 5e37a96bc0
2 changed files with 6 additions and 3 deletions
--- a/server/entity/User.ts
+++ b/server/entity/User.ts
@@ -108,11 +108,11 @@ export class User {
  }

  public passwordMatch(password: string): Promise<boolean> {
-    return new Promise((resolve, reject) => {
+    return new Promise((resolve) => {
      if (this.password) {
        resolve(bcrypt.compare(password, this.password));
      } else {
-        return reject(false);
+        return resolve(false);
      }
    });
  }
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -176,7 +176,10 @@ authRoutes.post('/local', async (req, res, next) => {

    return res.status(200).json(user?.filter() ?? {});
  } catch (e) {
-    logger.error(e.message, { label: 'Auth' });
+    logger.error('Something went wrong when trying to authenticate', {
+      label: 'Auth',
+      error: e.message,
+    });
    return next({
      status: 500,
      message: 'Something went wrong.',