check if pw exists before calling brcypt, add error msging

Author: raclim

server/models/user.js

@@ -162,7 +162,16 @@ userSchema.set('toJSON', {
 userSchema.methods.comparePassword = async function comparePassword(
   candidatePassword
 ) {
-  return bcrypt.compare(candidatePassword, this.password);
+  if (!this.password) {
+    throw new Error('No password is set for this user.');
+  }
+
+  try {
+    return await bcrypt.compare(candidatePassword, this.password);
+  } catch (error) {
+    console.error('Password comparison failed!', error);
+    return false;
+  }
 };
 
 /**