Get 500 error on client side but 403 in terminal for the backend

branislavballon · August 15, 2023, 10:53am

Same issue using (typescript):

Node: v18.16.1
npm: 9.5.1
OS: node:18-alpine

It looks like errors in https://github.com/strapi/strapi/blob/main/packages/plugins/users-permissions/server/controllers/auth.js are not handled for some reason.

{
// package.json
    "@strapi/plugin-documentation": "4.12.1",
    "@strapi/plugin-i18n": "4.12.1",
    "@strapi/plugin-users-permissions": "4.12.1",
    "@strapi/provider-email-nodemailer": "4.12.1",
    "@strapi/strapi": "4.12.4"
//...
}

Strapi log (for invalid email):

strapi-backend  | [2023-08-15 10:47:15.760] error: Invalid identifier or password
strapi-backend  | ValidationError: Invalid identifier or password
strapi-backend  |     at Object.callback (/opt/node_modules/@strapi/plugin-users-permissions/server/controllers/auth.js:62:15)
strapi-backend  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
strapi-backend  |     at async returnBodyMiddleware (/opt/node_modules/@strapi/strapi/lib/services/server/compose-endpoint.js:52:18)
strapi-backend  |     at async policiesMiddleware (/opt/node_modules/@strapi/strapi/lib/services/server/policy.js:24:5)
strapi-backend  |     at async /opt/node_modules/@strapi/strapi/lib/middlewares/body.js:58:9
strapi-backend  |     at async /opt/node_modules/@strapi/strapi/lib/middlewares/logger.js:9:5
strapi-backend  |     at async /opt/node_modules/@strapi/strapi/lib/middlewares/powered-by.js:16:5
strapi-backend  |     at async cors (/opt/node_modules/@koa/cors/index.js:61:32)
strapi-backend  |     at async /opt/node_modules/@strapi/strapi/lib/middlewares/errors.js:13:7
strapi-backend  |     at async session (/opt/node_modules/koa-session/index.js:41:7)

For invalid password

...
at Object.callback (/opt/node_modules/@strapi/plugin-users-permissions/server/controllers/auth.js:75:15)
...