diff --git a/package-lock.json b/package-lock.json
index e13791d1..ba585fb6 100644
Binary files a/package-lock.json and b/package-lock.json differ
diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts
index de7a16d4..15aa2371 100644
--- a/src/routes/auth/login.ts
+++ b/src/routes/auth/login.ts
@@ -40,7 +40,7 @@ router.post(
 		}
 
 		// the salt is saved in the password refer to bcrypt docs
-		const same_password = await bcrypt.compare(password, user.hash);
+		const same_password = await bcrypt.compare(password, user.user_data.hash);
 		if (!same_password) {
 			throw FieldErrors({
 				password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" },