javascript - Node bcrypt's compare always returns false -
i stumped trying passwords compare bcrypt using node. maybe missed something, on business relationship creation, next within signup method (with code abbreviated):
bcrypt.gensalt(10, function(err, salt) { if(err) { } bcrypt.hash(user.password, salt, function(err, hash) { console.log('hashing , saving'); db.query(db insert code, function (error, rows, fields) { if(error) { console.log(error); res.setheader('500', { 'content-type': 'x-application/json'}); res.send({userid: 0, errormessage: 'something terrible happened.'}); } else { console.log('user created : ' + rows.insertid); res.setheader('200', { 'content-type': 'x-application/json'}); res.send({userid: rows.insertid}); } }); }); }); homecoming next(); this works fine. db has encrypted password. when user signs in, cannot successful result bcrypt.compare:
db.query(get business relationship code, function(error, rows, fields) { if(rows.length == 1) { bcrypt.compare(request.params.password, rows[0].password, function(err,res) { if(err) { console.log(err.tostring()); } if(res == true) { response.setheader('200', { 'content-type': 'x-application/json' }); response.send({result: true}); } else { response.setheader('401', { 'content-type': 'x-application/json' }); console.log('invalid password'); response.send({result:false}); } }); } }); homecoming next(); and end invalid password. need take cleartext password , re-encrypt before comparing pull out of database?
you can skip doing bcrypt.gensalt , utilize bcrypt.hash(password, 10, function(err, hash) {..});
your compare function seems me.
this working fine me:
var bcrypt = require('bcrypt'); bcrypt.hash('mypassword', 10, function(err, hash) { if (err) { throw (err); } bcrypt.compare('mypassword', hash, function(err, result) { if (err) { throw (err); } console.log(result); }); }); javascript node.js bcrypt
No comments:
Post a Comment