fix(core): allow no password user to set password in console profile

logto-io · Sep 11, 2024 · b30f111 · b30f111
1 parent cc346b4
commit b30f111
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/packages/core/src/routes-me/user.ts b/packages/core/src/routes-me/user.ts
@@ -1,6 +1,6 @@
 import { emailRegEx, PasswordPolicyChecker, usernameRegEx } from '@logto/core-kit';
 import { userInfoSelectFields, jsonObjectGuard } from '@logto/schemas';
-import { conditional, pick } from '@silverhand/essentials';
+import { condArray, conditional, pick } from '@silverhand/essentials';
 import { literal, object, string } from 'zod';
 
 import RequestError from '#src/errors/RequestError/index.js';
@@ -141,7 +141,7 @@ export default function userRoutes<T extends AuthedMeRouter>(
 
  const [signInExperience] = await Promise.all([
  findDefaultSignInExperience(),
- checkVerificationStatus(userId, null),
+ ...condArray(user.passwordEncrypted && [checkVerificationStatus(userId, null)]),
  ]);
  const passwordPolicyChecker = new PasswordPolicyChecker(signInExperience.passwordPolicy);
  const issues = await checkPasswordPolicyForUser(passwordPolicyChecker, password, user);