strapi
GraphQL mutation register() is unclear when failing
Bug report
Required System information
- Node.js version: v16.13.2
- NPM version: 8.7.0
- Strapi version:
"dependencies": { "@strapi/plugin-graphql": "^4.1.8", "@strapi/plugin-i18n": "4.1.8", "@strapi/plugin-users-permissions": "4.1.8", "@strapi/provider-email-nodemailer": "^4.1.8", "@strapi/strapi": "4.1.8", "pg": "^8.7.3" }, - Database: PostgreSQL 14.2 (inside Docker container Debian 14.2-1.pgdg110+1)
- Operating system: macOS 12.3.1 (21E258)
Describe the bug
When trying to create a user using a graphql mutation, some errors are not specified (too generic)
"An error occurred during account creation".
Steps to reproduce the behavior
- use a graphql mutation with no client side validation
- use a valid email & a password = "123"
- Get a vague error "An error occurred during account creation"
If you use "testtest" as password, registration works. By reading some code I see that password needs 6 chars. But nothing is returned for the frontend.
Expected behavior
Error should be clear about the password.
I can reproduce this issue as well with all kind of mutations related to users; it never provides the error in the response like it used to in Strapi 3. The response is always:
{
"errors": [
{
"message": "Internal Server Error",
"extensions": {
"code": "INTERNAL_SERVER_ERROR"
}
}
],
"data": null
}
While the actual error pops in Strapi server logs:
ValidationError: password must be at least 6 characters
at handleYupError (/srv/app/node_modules/@strapi/strapi/node_modules/@strapi/utils/lib/validators.js:67:9)
at /srv/app/node_modules/@strapi/strapi/node_modules/@strapi/utils/lib/validators.js:79:7
at runMicrotasks (<anonymous>)
at processTicksAndRejections (internal/process/task_queues.js:95:5)
at async Object.update (/srv/app/node_modules/@strapi/strapi/lib/services/entity-service/index.js:168:23)
at async Object.update (/srv/app/node_modules/@strapi/strapi/lib/services/entity-service/index.js:313:20)
at async Object.update (/srv/app/node_modules/@strapi/plugin-users-permissions/server/controllers/user.js:128:18)
at async resolve (/srv/app/node_modules/@strapi/plugin-users-permissions/server/graphql/mutations/crud/user/update-user.js:36:7)
This prevents an application from displaying any insight to the user when an error occurs and impacts many views: sign up, log in, forgot & reset password, profile edition, …
Here’s an exemple of what Strapi 3 used to return:
{
"errors": [
{
"message": "Bad Request",
"locations": [
{
"line": 2,
"column": 3
}
],
"path": [
"login"
],
"extensions": {
"code": "INTERNAL_SERVER_ERROR",
"exception": {
"code": 400,
"data": {
"statusCode": 400,
"error": "Bad Request",
"message": [
{
"messages": [
{
"id": "Auth.form.error.invalid",
"message": "Identifier or password invalid."
}
]
}
],
"data": [
{
"messages": [
{
"id": "Auth.form.error.invalid",
"message": "Identifier or password invalid."
}
]
}
]
}
}
}
}
],
"data": null
}
@derrickmehaffy Is it me or has this been fixed? I tried it on 4.14.0 and I do get a descriptive error as it was expected.
mutation {
register(input: {
username: "sasfs",
email: "[email protected]",
password:"11"
}) {
user {
username
}
}
}
{
"errors": [
{
"message": "password must be at least 6 characters",
"extensions": {
"error": {
"name": "ValidationError",
"message": "password must be at least 6 characters",
"details": {
"errors": [
{
"path": [
"password"
],
"message": "password must be at least 6 characters",
"name": "ValidationError"
}
]
}
},
"code": "BAD_USER_INPUT"
}
}
],
"data": null
}
