test: Fix randomly failing UM tests (#3061)

* ⚡ Declutter test logs

* 🐛 Fix random passwords length

* 🐛 Fix password hashing in test user creation

* 🐛 Hash leftover password

* ⚡ Improve error message for `compare`

* ⚡ Restore `randomInvalidPassword` contant

* ⚡ Mock Telemetry module to prevent `--forceExit`

* ⚡ Silence logger

* ⚡ Simplify condition

* ⚡ Unhash password in payload

packages/cli/src/UserManagement/UserManagementHelper.ts

@@ -4,8 +4,10 @@
 import { Workflow } from 'n8n-workflow';
 import { In, IsNull, Not } from 'typeorm';
 import express = require('express');
+import { compare } from 'bcryptjs';
+
 import { PublicUser } from './Interfaces';
-import { Db, GenericHelpers, ResponseHelper } from '..';
+import { Db, ResponseHelper } from '..';
 import { MAX_PASSWORD_LENGTH, MIN_PASSWORD_LENGTH, User } from '../databases/entities/User';
 import { Role } from '../databases/entities/Role';
 import { AuthenticatedRequest } from '../requests';
@@ -216,3 +218,20 @@ export function isPostUsersId(req: express.Request, restEndpoint: string): boole
 export function isAuthenticatedRequest(request: express.Request): request is AuthenticatedRequest {
 	return request.user !== undefined;
 }
+
+// ----------------------------------
+//            hashing
+// ----------------------------------
+
+export async function compareHash(str: string, hash: string): Promise<boolean | undefined> {
+	try {
+		return await compare(str, hash);
+	} catch (error) {
+		if (error instanceof Error && error.message.includes('Invalid salt version')) {
+			error.message +=
+				'. Comparison against unhashed string. Please check that the value compared against has been hashed.';
+		}
+
+		throw new Error(error);
+	}
+}

packages/cli/src/UserManagement/routes/auth.ts

@@ -3,13 +3,12 @@
 /* eslint-disable @typescript-eslint/no-non-null-assertion */
 /* eslint-disable @typescript-eslint/no-unsafe-member-access */
 import { Request, Response } from 'express';
-import { compare } from 'bcryptjs';
 import { IDataObject } from 'n8n-workflow';
 import { Db, ResponseHelper } from '../..';
 import { AUTH_COOKIE_NAME } from '../../constants';
 import { issueCookie, resolveJwt } from '../auth/jwt';
 import { N8nApp, PublicUser } from '../Interfaces';
-import { isInstanceOwnerSetup, sanitizeUser } from '../UserManagementHelper';
+import { compareHash, isInstanceOwnerSetup, sanitizeUser } from '../UserManagementHelper';
 import { User } from '../../databases/entities/User';
 import type { LoginRequest } from '../../requests';
 
@@ -43,7 +42,8 @@ export function authenticationMethods(this: N8nApp): void {
 			} catch (error) {
 				throw new Error('Unable to access database.');
 			}
-			if (!user || !user.password || !(await compare(req.body.password, user.password))) {
+
+			if (!user || !user.password || !(await compareHash(req.body.password, user.password))) {
 				// password is empty until user signs up
 				const error = new Error('Wrong username or password. Do you have caps lock on?');
 				// @ts-ignore