From 75803d2502bf6b048e8a7a9084436f1e96d64920 Mon Sep 17 00:00:00 2001
From: Guybrush aka Gabriele Labita <gabriele.labita@linux.it>
Date: Fri, 2 Jan 2026 21:16:50 +0100
Subject: [PATCH] fix: check on responseJSON when wrong password

Signed-off-by: Guybrush aka Gabriele Labita <gabriele.labita@linux.it>
---
 scripts/js/login.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/scripts/js/login.js b/scripts/js/login.js
index 46ec2dd41f..51e6867517 100644
--- a/scripts/js/login.js
+++ b/scripts/js/login.js
@@ -34,7 +34,12 @@ function wrongPassword(isError = false, isSuccess = false, data = null) {
     $("#error-message").text("");
     $("#error-hint").hide();
     $("#error-hint").text("");
-    if (data !== null && "error" in data.responseJSON && "message" in data.responseJSON.error) {
+    if (
+      data &&
+      data.responseJSON &&
+      "error" in data.responseJSON &&
+      "message" in data.responseJSON.error
+    ) {
       // This is an error, highlight both the password and the TOTP field
       isErrorResponse = true;
       // Check if the error is caused by an invalid TOTP token