diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js --- a/keyserver/src/responders/user-responders.js +++ b/keyserver/src/responders/user-responders.js @@ -226,17 +226,25 @@ userQuery: [userResult], } = await promiseAll(promises); - if (userResult.length === 0) { - throw new ServerError('invalid_parameters'); - } - const userRow = userResult[0]; - if (!userRow.hash || !bcrypt.compareSync(request.password, userRow.hash)) { - if (hasMinCodeVersion(viewer.platformDetails, 99999)) { + let userRow: any; + if (hasMinCodeVersion(viewer.platformDetails, 167)) { + if (userResult.length === 0) { + throw new ServerError('invalid_login_credentials'); + } + userRow = userResult[0]; + if (!userRow.hash || !bcrypt.compareSync(request.password, userRow.hash)) { + throw new ServerError('invalid_login_credentials'); + } + } else { + if (userResult.length === 0) { throw new ServerError('invalid_parameters'); - } else { + } + userRow = userResult[0]; + if (!userRow.hash || !bcrypt.compareSync(request.password, userRow.hash)) { throw new ServerError('invalid_credentials'); } } + const id = userRow.id.toString(); const newServerTime = Date.now(); diff --git a/native/account/log-in-panel.react.js b/native/account/log-in-panel.react.js --- a/native/account/log-in-panel.react.js +++ b/native/account/log-in-panel.react.js @@ -253,7 +253,7 @@ }); return result; } catch (e) { - if (e.message === 'invalid_credentials') { + if (e.message === 'invalid_login_credentials') { Alert.alert( 'Incorrect username or password', "Either that user doesn't exist, or the password is incorrect", diff --git a/web/account/log-in-form.react.js b/web/account/log-in-form.react.js --- a/web/account/log-in-form.react.js +++ b/web/account/log-in-form.react.js @@ -74,7 +74,7 @@ } catch (e) { setUsername(''); setPassword(''); - if (e.message === 'invalid_credentials') { + if (e.message === 'invalid_login_credentials') { setErrorMessage('incorrect username or password'); } else { setErrorMessage('unknown error');