fix(core): fix user password and identities check (#2379)

packages/core/src/routes/session/continue.ts

@@ -23,6 +23,7 @@ import {
   getContinueSignInResult,
   getRoutePrefix,
   getVerificationStorageFromInteraction,
+  isUserPasswordSet,
 } from './utils';
 
 export const continueRoute = getRoutePrefix('sign-in', 'continue');
@@ -42,7 +43,7 @@ export default function continueRoutes<T extends AnonymousRouter>(router: T, pro
 
       // Social identities can take place the role of password
       assertThat(
-        !user.passwordEncrypted && Object.keys(user.identities).length === 0,
+        !isUserPasswordSet(user),
         new RequestError({
           code: 'user.password_exists',
         })

packages/core/src/routes/session/utils.ts

@@ -152,6 +152,13 @@ export const getContinueSignInResult = async (
   return rest;
 };
 
+export const isUserPasswordSet = ({
+  passwordEncrypted,
+  identities,
+}: Pick<User, 'passwordEncrypted' | 'identities'>): boolean => {
+  return Boolean(passwordEncrypted) || Object.keys(identities).length > 0;
+};
+
 /* eslint-disable complexity */
 export const checkRequiredProfile = async (
   ctx: Context,
@@ -160,11 +167,11 @@ export const checkRequiredProfile = async (
   signInExperience: SignInExperience
 ) => {
   const { signUp } = signInExperience;
-  const { passwordEncrypted, id, username, primaryEmail, primaryPhone } = user;
+  const { id, username, primaryEmail, primaryPhone } = user;
 
   // If check failed, save the sign in result, the user can continue after requirements are meet
 
-  if (signUp.password && !passwordEncrypted) {
+  if (signUp.password && !isUserPasswordSet(user)) {
     await assignContinueSignInResult(ctx, provider, { userId: id });
     throw new RequestError({ code: 'user.require_password', status: 422 });
   }