Unable to change user's password (0.21.0)

[perfectra1n]

Description

Hey there, I'm running Vikunja with Postgres. It's brand new, and when I try to change my user's password via the UI, or via the vikunja CLI in the API container, it returns an error:

/app/vikunja # ./vikunja user reset-password 1 --direct --password 'newpassword1'
2023/07/28 20:03:52 No config file found, using default or config from environment variables.
2023-07-28T20:03:52.426040121Z: INFO    ▶ migration/Migrate 052 Ran all migrations successfully.
panic: reflect: call of reflect.Value.Len on interface Value

goroutine 1 [running]:
reflect.Value.lenNonSlice({0x14c3a40?, 0xc00039e100?, 0xc00055e8d0?})
        /usr/local/go/src/reflect/value.go:1714 +0x165
reflect.Value.Len(...)
        /usr/local/go/src/reflect/value.go:1693
xorm.io/xorm/internal/statements.(*Statement).BuildUpdates(0xc000312d80, {0x1650060, 0xc00039e000, 0x199}, 0x38?, 0xf5?, 0x41?, 0x0?, 0x
c0?)
        /go/pkg/mod/xorm.io/xorm@v1.3.2/internal/statements/update.go:264 +0xf67
xorm.io/xorm.(*Session).Update(0xc00030ec30, {0x15c3bc0, 0xc00039e000}, {0x0, 0x0, 0x0?})
        /go/pkg/mod/xorm.io/xorm@v1.3.2/session_update.go:191 +0x59f
code.vikunja.io/api/pkg/user.UpdateUserPassword(0xc00030ec30, 0xc0001afce0, {0x7fff8d5f292f, 0x10})
        /go/src/code.vikunja.io/api/pkg/user/user.go:552 +0x119
code.vikunja.io/api/pkg/cmd.glob..func18(0x2557a40?, {0xc0007265c0, 0x1, 0x4?})
        /go/src/code.vikunja.io/api/pkg/cmd/user.go:257 +0xe5
github.com/spf13/cobra.(*Command).execute(0x2557a40, {0xc000726580, 0x4, 0x4})
        /go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:944 +0x847
github.com/spf13/cobra.(*Command).ExecuteC(0x25588a0)
        /go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x3bd
github.com/spf13/cobra.(*Command).Execute(...)
        /go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992
code.vikunja.io/api/pkg/cmd.Execute()
        /go/src/code.vikunja.io/api/pkg/cmd/cmd.go:44 +0x25
main.main()
        /go/src/code.vikunja.io/api/main.go:22 +0x17

Please let me know if there is anything else I can help with as well.

Vikunja Frontend Version

0.21.0

Vikunja API Version

0.21.0

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

Yes

Screenshots

Below is a screenshot of the error on the demo site:

[PulsarFX]

I run vikunja with sqlite and got this error in the api log, when I tried to change my user password:

version is: cmd/func25 055 Vikunja version v0.21.0

2023-08-10T22:50:28.424413202Z: - 	▶ echo recover.go:113 [PANIC RECOVER] reflect: call of reflect.Value.Len on interface Value goroutine 409 [running]:
github.com/labstack/echo/v4/middleware.RecoverWithConfig.func1.1.1()
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/middleware/recover.go:93 +0x14e
panic({0x14d46c0, 0xc0005629f0})
	/usr/local/go/src/runtime/panic.go:884 +0x213
reflect.Value.lenNonSlice({0x14c3a40?, 0xc024fa6d60?, 0xc0005c4150?})
	/usr/local/go/src/reflect/value.go:1714 +0x165
reflect.Value.Len(...)
	/usr/local/go/src/reflect/value.go:1693
xorm.io/xorm/internal/statements.(*Statement).BuildUpdates(0xc0000cdd40, {0x1650060, 0xc024fa6c60, 0x199}, 0xc0?, 0x96?, 0x2?, 0x0?, 0xc0?)
	/go/pkg/mod/xorm.io/xorm@v1.3.2/internal/statements/update.go:264 +0xf67
xorm.io/xorm.(*Session).Update(0xc0004c64e0, {0x15c3bc0, 0xc024fa6c60}, {0x0, 0x0, 0xc000431cb0?})
	/go/pkg/mod/xorm.io/xorm@v1.3.2/session_update.go:191 +0x59f
code.vikunja.io/api/pkg/user.UpdateUserPassword(0xc0004c64e0, 0xc024fa69a0, {0xc025280160, 0xe})
	/go/src/code.vikunja.io/api/pkg/user/user.go:552 +0x119
code.vikunja.io/api/pkg/routes/api/v1.UserChangePassword({0x1a933a0, 0xc0000bae60})
	/go/src/code.vikunja.io/api/pkg/routes/api/v1/user_update_password.go:76 +0x195
github.com/labstack/echo-jwt/v4.Config.ToMiddleware.func2.1({0x1a933a0, 0xc0000bae60})
	/go/pkg/mod/github.com/labstack/echo-jwt/v4@v4.2.0/jwt.go:237 +0x41d
code.vikunja.io/api/pkg/routes.registerAPIRoutes.func1.1({0x1a933a0, 0xc0000bae60})
	/go/src/code.vikunja.io/api/pkg/routes/routes.go:230 +0x1cb
github.com/labstack/echo/v4.(*Echo).add.func1({0x1a933a0, 0xc0000bae60})
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/echo.go:575 +0x51
github.com/labstack/echo/v4/middleware.CORSWithConfig.func1.1({0x1a933a0, 0xc0000bae60})
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/middleware/cors.go:264 +0x8b8
github.com/labstack/echo/v4/middleware.RecoverWithConfig.func1.1({0x1a933a0, 0xc0000bae60})
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/middleware/recover.go:119 +0xfe
github.com/labstack/echo/v4/middleware.LoggerWithConfig.func2.1({0x1a933a0, 0xc0000bae60})
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/middleware/logger.go:126 +0xe2
github.com/labstack/echo/v4.(*Echo).ServeHTTP(0xc0000cd440, {0x1a752f0?, 0xc0002740e0}, 0xc025190000)
	/go/pkg/mod/github.com/labstack/echo/v4@v4.10.2/echo.go:662 +0x3d1
net/http.serverHandler.ServeHTTP({0x1a71910?}, {0x1a752f0, 0xc0002740e0}, 0xc025190000)
	/usr/local/go/src/net/http/server.go:2936 +0x316
net/http.(*conn).serve(0xc0251aa000, {0x1a75c88, 0xc00056e2a0})
	/usr/local/go/src/net/http/server.go:1995 +0x612
created by net/http.(*Server).Serve
	/usr/local/go/src/net/http/server.go:3089 +0x5ed

goroutine 1 [chan receive, 4 minutes]:
code.vikunja.io/api/pkg/cmd.glob..func25(0x25588a0?, {0x167ae75?, 0x0?, 0x0?})
	/go/src/code.vikunja.io/api/pkg/cmd/web.go:98 +0x171
github.com/spf13/cobra.(*Command).execute(0x25588a0, {0xc000040240, 0x0, 0x0})
	/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:944 +0x847
github.com/spf13/cobra.(*Command).ExecuteC(0x25588a0)
	/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x3bd
github.com/spf13/cobra.(*Command).Execute(...)
	/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992
code.vikunja.io/api/pkg/cmd.Execute()
	/go/src/code.vikunja.io/api/pkg/cmd/cmd.go:44 +0x25
main.main()
	/go/src/code.vikunja.io/api/main.go:22 +0x17

goroutine 21 [select, 4 minutes]:
database/sql.(*DB).connectionOpener(0xc00010f860, {0x1a75be0, 0xc0004b61e0})
	/usr/local/go/src/database/sql/sql.go:1218 +0x8d
created by database/sql.OpenDB
	/usr/local/go/src/database/sql/sql.go:791 +0x18d

goroutine 22 [select, 4 minutes]:
github.com/robfig/cron/v3.(*Cron).run(0xc000342000)
	/go/pkg/mod/github.com/robfig/cron/v3@v3.0.1/cron.go:263 +0xab9
created by github.com/robfig/cron/v3.(*Cron).Start
	/go/pkg/mod/github.com/robfig/cron/v3@v3.0.1/cron.go:222 +0xca

goroutine 23 [chan receive, 4 minutes]:
github.com/ThreeDotsLabs/watermill/message.(*Router).Run(0xc000274000, {0x1a75c18?, 0xc000046070?})
	/go/pkg/mod/github.com/!three!dots!labs/watermill@v1.2.0/message/router.go:370 +0x2bd
code.vikunja.io/api/pkg/events.InitEvents()
	/go/src/code.vikunja.io/api/p

2023-08-10T22:50:28.424513454Z: WEB 	▶ 172.22.0.1  POST 500 /api/v1/user/password 498.297099ms - Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/116.0

[kolaente]

Related: https://kolaente.dev/vikunja/api/issues/1587

[MadWalnut]

Thank you, that fixes it. Would it be possible to push a release to latest including this commit? I would like to avoid staying on the unstable branch in production.

[kolaente]

I'll publish a release with the fix within the next few weeks, once I'm confident I've caught most of the problems.

[letshin]

Was just about to leave a message re this, glad to see it has been addressed.

[georgejung]

I spent a few hours trying different DB backends (was using mysql when i encountered this problem) before stumbling across this. Using unstable does the trick. Thanks!