Added check for empty salt before attempting to encrypt password. If you sign up with OAuth provider and then try to login with Email (local strategy), the Salt is empty and authentication fails.

andrunix · andrunix · commit d3b98529be65 · 2013-12-11T16:25:46.000-05:00
diff --git a/app/models/user.js b/app/models/user.js
@@ -117,6 +117,7 @@ UserSchema.methods = {
      */
     encryptPassword: function(password) {
         if (!password) return '';
+        if (!this.salt) return '';
         salt = new Buffer(this.salt, 'base64');
         return crypto.pbkdf2Sync(password, salt, 10000, 64).toString('base64');
     }

Original file line number	Diff line number	Diff line change
`@@ -117,6 +117,7 @@ UserSchema.methods = {`
`117`	`117`	`*/`
`118`	`118`	`encryptPassword: function(password) {`
`119`	`119`	`if (!password) return '';`
	`120`	`+ if (!this.salt) return '';`
`120`	`121`	`salt = new Buffer(this.salt, 'base64');`
`121`	`122`	`return crypto.pbkdf2Sync(password, salt, 10000, 64).toString('base64');`
`122`	`123`	`}`