Node's bcrypt Compare Returns False Though It's True

Question

This is driving me crazy. Here is the very simple code:

user = new User(_.pick(userData, ['name', 'email', 'password']));
const salt = await bcrypt.genSalt(15);
user.password = await bcrypt.hash(user.password, salt);
const samePass = await bcrypt.compare(user.password, userData.password);

samePass is always false. I have checked sample request password and the hash on https://bcrypt-generator.com and it does show them matched. bcrypt is always returning false. And you can see that the database has nothing to do with it.

Sample data (I have got both using the IDE debugger with a breakpoint at the samePass line):

user.password = $2b$10$nH2SGNZu9rdyz.V6qpT29eAhxKWfiOIr9ojOi96Ye2lQub.Pglof.
userData.password = oXmZ9pG5T4XtndH%#@A

kavigun · Accepted Answer

user.password = await bcrypt.hash(user.password, salt); //This line is generating the password hash

While comparing you pass the second argument as password hash stored in the database. But, here in your code, you are overriding the input user.password which contains the actual password which needs to be compared

const samePass = await bcrypt.compare(user.password, userData.password);

Change it to:

let passwordHash = await bcrypt.hash(user.password, salt);
const booleanResult = await bcrypt.compare(userData.password, passwordHash);

Node's bcrypt Compare Returns False Though It's True

Answers (2)

Related Questions

Node&#39;s bcrypt Compare Returns False Though It&#39;s True

Answers (2)

Related Questions

Node's bcrypt Compare Returns False Though It's True