fix(core): allow no password user to set password in console profile (#6572)

2024-12-30 20:33:54 -05:00 · 2024-09-12 10:48:00 +08:00 · 2024-09-12 10:48:00 +08:00 · a6178f45e2
commit a6178f45e2
parent 380cc43e64
1 changed files with 2 additions and 2 deletions
--- a/packages/core/src/routes-me/user.ts
+++ b/packages/core/src/routes-me/user.ts
@ -1,6 +1,6 @@
 import { emailRegEx, PasswordPolicyChecker, usernameRegEx } from '@logto/core-kit';
 import { userInfoSelectFields, jsonObjectGuard } from '@logto/schemas';
-import { conditional, pick } from '@silverhand/essentials';
+import { condArray, conditional, pick } from '@silverhand/essentials';
 import { literal, object, string } from 'zod';

 import RequestError from '#src/errors/RequestError/index.js';
@ -141,7 +141,7 @@ export default function userRoutes<T extends AuthedMeRouter>(

      const [signInExperience] = await Promise.all([
        findDefaultSignInExperience(),
-        checkVerificationStatus(userId, null),
+        ...condArray(user.passwordEncrypted && [checkVerificationStatus(userId, null)]),
      ]);
      const passwordPolicyChecker = new PasswordPolicyChecker(signInExperience.passwordPolicy);
      const issues = await checkPasswordPolicyForUser(passwordPolicyChecker, password, user);