fix(auth): legacy signin password bug

pages/api/sign-in.js

@@ -87,5 +87,5 @@ export default async (req, res) => {
 
   const token = JWT.sign({ id: user.id, username: user.username }, Environment.JWT_SECRET);
 
-  res.status(200).send({ decorator: "SERVER_SIGN_IN", success: true, token });
+  return res.status(200).send({ decorator: "SERVER_SIGN_IN", success: true, token });
 };

scenes/SceneAuth/hooks.js

@@ -61,21 +61,18 @@ export const useSignin = ({ onAuthenticate }) => {
     if (Events.hasError(response)) return;
 
     // NOTE(amine): handling client hash if the user is v2
-    let hashedPassword;
+    let hashedPassword = await Utilities.encryptPasswordClient(password);
-    if (response?.data?.version === 1) {
+
-      hashedPassword = password;
+    credentialsRef.current = { username, password: hashedPassword };
-    } else {
-      hashedPassword = await Utilities.encryptPasswordClient(password);
-    }
 
     //NOTE(amine): the onAuthenticate function will return early
     //             if there is shouldMigrate in the response payload
+    const passwordSentToServer = response?.data?.version === 1 ? password : hashedPassword;
     const authResponse = await onAuthenticate({
       username: username.toLowerCase(),
-      password: hashedPassword,
+      password: passwordSentToServer,
     });
 
-    credentialsRef.current = { username, password: hashedPassword };
     if (authResponse.shouldMigrate) return authResponse;
   };