From a6178f45e279e7b9a5a4cc7a52f19e02889060f8 Mon Sep 17 00:00:00 2001
From: Charles Zhao <charleszhao@silverhand.io>
Date: Thu, 12 Sep 2024 10:48:00 +0800
Subject: [PATCH] fix(core): allow no password user to set password in console
 profile (#6572)

---
 packages/core/src/routes-me/user.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/core/src/routes-me/user.ts b/packages/core/src/routes-me/user.ts
index 038e069b2..553604e68 100644
--- a/packages/core/src/routes-me/user.ts
+++ b/packages/core/src/routes-me/user.ts
@@ -1,6 +1,6 @@
 import { emailRegEx, PasswordPolicyChecker, usernameRegEx } from '@logto/core-kit';
 import { userInfoSelectFields, jsonObjectGuard } from '@logto/schemas';
-import { conditional, pick } from '@silverhand/essentials';
+import { condArray, conditional, pick } from '@silverhand/essentials';
 import { literal, object, string } from 'zod';
 
 import RequestError from '#src/errors/RequestError/index.js';
@@ -141,7 +141,7 @@ export default function userRoutes<T extends AuthedMeRouter>(
 
       const [signInExperience] = await Promise.all([
         findDefaultSignInExperience(),
-        checkVerificationStatus(userId, null),
+        ...condArray(user.passwordEncrypted && [checkVerificationStatus(userId, null)]),
       ]);
       const passwordPolicyChecker = new PasswordPolicyChecker(signInExperience.passwordPolicy);
       const issues = await checkPasswordPolicyForUser(passwordPolicyChecker, password, user);