Login bug "Cannot read properties of null"

NodeJS
Docker

Haven’t touched the login flow for months, but it suddenly throws an error when using wrong credentials:

{"status":"500","message":"Cannot read properties of null (reading 'startsWith')","stack":"TypeError: Cannot read properties of null (reading 'startsWith')\n    at DatabaseProvider.validate (/opt/node_app/lib/auth/database.js:23:67)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n    at async DatabaseProvider.login (/opt/node_app/lib/auth/provider.js:45:26)\n    at async App._exec (/opt/node_app/lib/core/app.js:578:30)\n    at async App._exec (/opt/node_app/lib/core/app.js:545:17)\n    at async App.exec (/opt/node_app/lib/core/app.js:514:9)\n    at async App.define (/opt/node_app/lib/core/app.js:496:9)"}

When providing correct credentials it logs in successfully.
My login server connect:

My security provider properties:

Hi. Have seen this happen when the password is blank in the db for a given username.
Maybe it happens when username does not exist as well?

I just tried with some non-existing usernames; they trigger 401 errors and show the correct validation.

So you might be correct, and the username I tried to use does exist but doesn’t have a password set.

I think both of these cases should throw the same 401 error, no?

Yes. I never posted this as a bug because I could not find a suitable use case.

I had such data because I migrated from another db, and encountered this error.
And another case was for new sign-ups… But that meant I already had another set of steps before the login attempt to handle it.

How do you have empty passwords?

Ah I see…

I have empty passwords because users can import email addresses (for example from their mailing list) and then invite their users to our software to set a password.

But it is a bit of an edge case I agree. Less worried about it at least, thanks :slight_smile:

1 Like

Don’t allow null values in the password field; use an empty string for an empty password. Better is to prevent empty passwords, since those accounts could be exploited. Better still is to add the users with a random password and send them the password, which they can then change, or send them a password reset link.

3 Likes