fix: allow custom password field when using disableLocalStrategy: true (#11893)

Fixes https://github.com/payloadcms/payload/issues/11888 Previously, if you had `disableLocalStategy: true` and a custom `password` field, Payload would still control it in `update.ts` by deleting. Now, we don't do that in this case, unless we have `disableLocalStetegy.enableFields: true`.
2025-04-04 20:52:10 +03:00
parent b76844dac9
commit 8ad22eb1c0
4 changed files with 89 additions and 1 deletions
--- a/test/auth/int.spec.ts
+++ b/test/auth/int.spec.ts
@@ -786,6 +786,20 @@ describe('Auth', () => {

      expect(response.status).toBe(403)
    })
+
+    it('should allow to use password field', async () => {
+      const doc = await payload.create({
+        collection: 'disable-local-strategy-password',
+        data: { password: '123' },
+      })
+      expect(doc.password).toBe('123')
+      const updated = await payload.update({
+        collection: 'disable-local-strategy-password',
+        data: { password: '1234' },
+        id: doc.id,
+      })
+      expect(updated.password).toBe('1234')
+    })
  })

  describe('API Key', () => {