Bcrypt compare issue nodejs - javascript

I've got myself two functions, first is responsible for adding a user model to database and second one for comparing passwords. But.. comparing never works..
module.exports.signup = function (req, res) {
if (req.body == null) {
res.status(400);
return res.end('Bad juju');
} else {
let exists;
User.findOne({ username: req.body.username }),
(err, doc) => {
if (doc) {
exists = true;
return;
}
};
if (exists) {
res.setHeader('user-exists', true);
res.redirect('/signup');
} else {
bcrypt.hash(req.body.password, 10, function (hashE, hash) {
if (hashE) {
throw hashE;
}
new User({
username: req.body.username,
email: req.body.email,
password: hash,
}).save();
});
return res.redirect('/login');
}
}
};
module.exports.login = function (req, res) {
if (req.body.tosignup) {
return res.redirect('/signup');
}
if (req.body == null) {
res.status(400);
return res.end('Bad request');
} else {
User.findOne({ username: req.body.username }, (err, doc) => {
if (err) throw console.log(err);
console.log(doc.password);
console.log(req.body.password);
bcrypt.hash(req.body.password, 10, (err, s) => {
console.log(s);
});
bcrypt.compare(req.body.password, doc.password, (err, succ) => {
if (err) {
throw err;
}
console.log(err);
console.log(succ);
if (succ) {
res.setHeader('username', doc.username);
return res.redirect('/welcome');
} else {
res.setHeader('password-wrong', true);
return res.redirect('/login');
}
});
});
}
};
I've looked for different sources and all of them told that this one method is the correct one, but every time I try using it, it just doesn't work

I had a similar problem using bcrypt in nodejs. To solve the problem i switched from npm bcrypt to npm bcryptjs (https://www.npmjs.com/package/bcryptjs) and used the following:
NPM require:
const bcrypt = require('bcryptjs');
To compare the passwords you can use the following code:
async function compareIt(password, hashedPassword) {
const validPassword = await bcrypt.compare(password, hashedPassword);
return validPassword;
}
compareIt(password, passwordBD).then(v => {
if (v == true) {
console.log("Equal");
} else {
console.log("Not equal");
}
});
To hash the password you can use this function:
async function hashIt(password) {
const salt = await bcrypt.genSalt(6);
const hashed = await bcrypt.hash(password, salt);
return hashed;
}

Related

How to fix Data and hash arguments required error

I'm trying to let the user sign in using either email or username, I'm trying this code in Postman and each time I try it gives me this error:
"success":false,"status":500,"message":"data and hash arguments
required","stack":"Error: data and hash arguments required\n at
Object.compare
Auth.js Configurations:
const emailRegex = "/^\w+([\.-]?\w+)*#\w+([\.-]?\w+)*(\.\w{2,3})+$/";
router.post("/login", async (req, res, next) => {
const isEmail = String(req.body.emailOrUsername).match(emailRegex);
try {
if (!req.body.password) {
return next(createError(400, "Invalid password"));
}
let user;
if (isEmail) {
user = await User.findOne({ where: { email: req.body.emailOrUsername } });
} else {
user = await User.findOne({ where: { username: req.body.emailOrUsername } });
};
if (!user) return next(createError(404, "User not found!"));
const isPasswordCorrect = await bcrypt.compare(
req.body.password,
user.password
);
if (!isPasswordCorrect) return next(createError(400, "Wrong password!"));
const { password, ...others } = user._doc;
res.status(200).json(others);
} catch (err) {
next(err);
}
});
I'm not sure what I'm missing here!

findByIdAndUpdate not updating the object Node.js

I have the following code to update Users information by Id:
router.put("/:id", async (req, res) => {
if (req.body.userId === req.params.id || req.body.isAdmin) {
if (req.body.password) {
try {
const salt = await bcrypt.genSalt(10);
req.body.password = await bcrypt.hash(req.body.password, salt);
} catch (err) {
return res.status(500).json(err);
}
}
try {
await User.findByIdAndUpdate(req.params.id, { $set: req.body });
res.status(200).json("Account has been updated");
} catch (err) {
return res.status(500).json(err);
}
} else {
return res.status(403).json("You can update only your account!");
}
});
I pass the new fields and findByIdAndUpdate is returning the catch error, I'm new to node and following a tutorial.

Mongoose 'Query was already executed' error

As the name states, I keep getting a "Query was already executed" while running Mongoose.find queries. Using '.clone' does not seem to be fixing the issue...
My calling code is:
let result = mongo.isValidUsername(req.body.username).then((data) => {
return data;
});
if ((await result) == false) {
res.send("Sorry, that username is unavailable");
} else {
mongo
.addUser(
req.body.username,
req.body.password,
req.body.firstName,
req.body.lastName,
req.body.email,
req.body.phoneNumber
)
.then(() => {
let profileData = mongo.getProfileData(req.body.username);
profileData
.then((data) => {
res.render("accountDisplay", {
results: data,
trans: [9.99],
});
})
.catch((err) => {
console.log(err);
});
});
}
I call a query twice - Once in isValidUsername() at the beginning (where I have not used .clone) and then again in getProfileData( where I HAVE used .clone).
I keep getting this error. Any idea what could be causing it?
Here is the code for isValidUsername() and getProfileData(), just in case...
async function isValidUsername(usernameToQuery) {
//connect to mongoose database
mongoose.connect("mongodb://localhost:27017/bankDB");
try {
let isValid = UserModel.findOne({ username: usernameToQuery }).then(
(data) => {
if (data == null) {
return true;
} else {
return false;
}
}
);
return await isValid;
} catch (err) {
return err;
}
}
async function getProfileData(usernameToQuery) {
mongoose.connect("mongodb://localhost:27017/bankDB");
let profileData = UserModel.findOne({ username: usernameToQuery }).clone();
console.log(await profileData);
let profileArray = await profileData.then((data) => {
return [
data._doc.firstName,
data._doc.lastName,
data._doc.email,
data._doc.phoneNumber,
];
});
return await profileArray;
}

Problem hashing password with bcrypt on node.js

I have the code below. I'm trying to hash my admin password when they get registered. The password initially is set to default via the mongoose schema. Below are my codes. But it is not hashing.
AdminSchema.pre('save', function(next){
let admin = this; // bind this
if(admin.$isDefault('password')) {
bcrypt.genSalt(12, (err, salt)=> { // generate salt and harsh password
bcrypt.hash(admin.password, salt, (err, hash)=> {
admin.password = hash;
return next();
});
});
}
if(!admin.isModified('password')) {
return next();
}
bcrypt.genSalt(12, (err, salt)=> { // generate salt and harsh password
bcrypt.hash(admin.password, salt, (err, hash)=> {
admin.password = hash;
next();
});
});
});
It's because bcrypt method are execute asynchronously so for the first time this will be always executed
if(!admin.isModified('password')) {
return next();
}
this should work
AdminSchema.pre('save', function(next) {
const admin = this // bind this
if (admin.$isDefault('password') || admin.isModified('password')) {
bcrypt.genSalt(12, (err, salt) => { // generate salt and harsh password
if (err) {
return next(err);
}
bcrypt.hash(admin.password, salt, (err, hash) => {
if (err) {
return next(err);
}
admin.password = hash
return next()
})
})
} else {
return next();
}
})

pre() in es6 not running as expected?

Postman is returning error whenever i include this pre() function,
it returns an error else its working and everything is getting stored in db using mongodb.
Is there something wrong in ES6 format that i have used or any other?
Below is the code :
// userschema is the name of the schema //
// SALT_I = 10 //
userSchema.pre('save', next => {
if (this.isModified('password')) {
bcrypt.genSalt(SALT_I, (err, salt) => {
if (err)
return next(err)
bcrypt.hash(this.password, salt, (err, hash) => {
if (err)
return next(err)
this.password = hash
next()
})
})
} else
next()
})
here is the postman error:
{
"success": false,
"err": {}
}
and it is as i am making a post request using the function:
app.post('/api/users/register', (req, res) => {
const user = new User(req.body)
user.save((err, data) => {
if (err) return res.json({ success: false, err })
res.status(200).json({
success: true,
userdata: data
})
})
})
You cannot use ES6 spread operator but ES5 syntax works just fine:
userSchema.pre('save', function (next) {
const user = this
if (user.isModified('password')) {
bcrypt.genSalt(SALT_I, function (err, salt) {
if (err) {
console.log("inside gensalt if")
return next(err)
}
bcrypt.hash(user.password, salt, function (err, hash) {
if (err) {
console.log("inside bcrpt hash")
return next(err)
}
user.password = hash
next()
})
})
} else
next()
})

Categories