fix: make legacy PIN rehash non-blocking in verify_pin (#54)

Replace hash_pin(pin)? with hash_pin(pin).ok() so that a rehash failure does not propagate as an error. The user can now switch profiles even if the Argon2id re-hashing step fails — the PIN is still correctly verified, and the legacy hash remains until the next successful login. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 06:02:15 -04:00 · 2026-04-09 06:02:15 -04:00 · 086650c88a
commit 086650c88a
parent 8e27be8c41
1 changed files with 4 additions and 3 deletions
--- a/src-tauri/src/commands/profile_commands.rs
+++ b/src-tauri/src/commands/profile_commands.rs
@ -191,9 +191,10 @@ pub fn verify_pin(pin: String, stored_hash: String) -> Result<VerifyPinResult, S
    let valid: bool = result.as_slice().ct_eq(&expected_hash).into();

    if valid {
-        // Re-hash with Argon2id so this legacy PIN is upgraded
-        let new_hash = hash_pin(pin)?;
-        Ok(VerifyPinResult { valid: true, rehashed: Some(new_hash) })
+        // Re-hash with Argon2id so this legacy PIN is upgraded.
+        // If rehash fails, still allow login — don't block the user.
+        let rehashed = hash_pin(pin).ok();
+        Ok(VerifyPinResult { valid: true, rehashed })
    } else {
        Ok(VerifyPinResult { valid: false, rehashed: None })
    }