Invalid user id and password Exceptions

[NixedSec]

What

• Regularly, the app will produce exceptions involving user id and passwords being incorrect. This happens while a user is logged in successfully with either the username or email address. As mentioned in #4627 this was happening while editing nutrition values, though currently it happens every time while editing packaging components on a product.

• Exception: Could not save product - [{impact: {id: failure, name: Failure, Ic_name: Failure}, message: {id: invalid_user_id_and_password, name: Invalid user id and password, Ic_name: Invalid user id and password}}]

Steps to reproduce the behavior

1. Go to any product
2. Click on Edit product
3. Click on Packaging components
4. Add details to this section and save
5. Return to the product page, notice the NOVA question prompt
6. View Pending contributions within the DEV mode section, notice exception

Expected behavior

Product should update without generating an exception.

Why

• It breaks functionality of the app until the exception is dismissed by the user.

Part of

• 4627

• 4638

• 4639

Smartphone model

• Device: Pixel 6
• OS: Android 13
• App Version: 4.10.0+1230-ZXing-FDroid

[monsieurtanuki]

@NixedSec I haven't tried to reproduce the issue yet. I'm a bit surprised though. Of course, you have not changed your password either locally or on the server while updating the data on the app, right?

[M123-dev]

Gala on Slack #general

Re: login issues user account Hello ! Some of you may experienced difficulties to log in into your Open Food Facts accounts :gesicht_ausatmend:. It should be fixed now :gekreuzte_finger: We recommend logging in with your user name first (vs. email). Please let us know if the issue persists. And sorry for the inconvenience

could you check if this issue still exists @NixedSec

[monsieurtanuki]

:gekreuzte_finger:? I didn't know there were localized emoji :figure_souriante_avec_un_clin_d_oeil: I mean 😉

For the record I always use my username (and not my email) when I use the app, which would explain why I never experienced that issue.

[NixedSec]

Unfortunately, this appears to still be persisting. I have re-logged into the account, in case this new change made a difference. I usually use username only, but have been testing with both in case one was causing the issue over the other. By editing packaging information, this causes the exception immediately. I have also not changed the password on this account via the app or website any time recently.

[monsieurtanuki]

@NixedSec @M123-dev @g123k @teolemon I think we're a bit stuck with this issue.

I've just written some code to be more verbose: if the exception contains "invalid_user_id_and_password", let's add the username and a relevant enough part of the password.

Something like that: Exception: Could not save product - [{impact: {id: failure, name: Failure, lc_name: Failure}, message: {id: invalid_user_id_and_password, name: Invalid user id and password, lc_name: Invalid user id and password}}] [user:monsieurtanuki (ab************op)]

That won't solve our issue, but that will help us understand what's going on.

I'm about to PR.