堆栈内存溢出
  简体   繁体   English

当密码包含数字时,bcryptjs 比较 function 返回 false

[英]bcryptjs compare function returns false when passwords contain numbers

 原文  2020-08-14 07:15:02       javascript/ node.js/ express/ authentication/ bcrypt

问题描述

I have used bcryptjs to hash my passwords and the registration of the user takes place fine.我已经使用 bcryptjs 到 hash 我的密码,并且用户注册正常。 But when I try to login, the bcrypt.compare function returns a false promise if the passwords contain numbers or other characters.但是当我尝试登录时,如果密码包含数字或其他字符,bcrypt.compare function 会返回错误的 promise。
Everything works fine if the password is just letters.如果密码只是字母,一切正常。
I have searched everywhere but could not find a solution for this error?我到处搜索,但找不到解决此错误的方法?
Here are my files:这是我的文件:

users.js (MODEL) users.js(模型)

var mongoose = require("mongoose");
var bcrypt = require("bcryptjs");

var userSchema = mongoose.Schema({
    name: String,
    email: String,
    password: String,
    products: [{
        type: mongoose.Schema.Types.ObjectID,
        ref: "Product"
    }],
    username: String
});

var User = module.exports = mongoose.model("User", userSchema);
module.exports.createUser = function(newUser, callback) {
    bcrypt.genSalt(5,function(err,salt){
        bcrypt.hash(newUser.password,salt,function(err,hash){
            newUser.password = hash;
            newUser.save(callback);
        });
    });
}

module.exports.comparePassword = function(candidatePassword, hash, callback){
    bcrypt.compare(candidatePassword, hash, function(err, isMatch) {
      if(err) throw err;
      console.log(isMatch);
      callback(null, isMatch);
    });
  }
  module.exports.getUserByUsername = function(username, callback){
    var query = {username: username};
    User.findOne(query, callback);
  }

app.js应用程序.js

app.use(passport.initialize());
app.use(passport.session());
var LocalStrategy = require("passport-local").Strategy;
passport.use(new LocalStrategy(
    function(username, password, done) {
        User.findOne({username:username}, function(err, user){
            if(err) throw err;
            if(!user) {
                return done(null,false, {message: 'Unknown user'});
            }
            User.comparePassword(password,user.password,function(err, isMatch){
                if(err) {
                    console.log("ERR1");
                    return done(err);
                }
                if(isMatch) {
                    console.log("MATCH");
                    return done(null,user);
                } else {
                    console.log("NOT VALID");
                    return done(null, false, {message: 'Invalid password'});
                }
            });
        });
    }
));

passport.serializeUser(function(user,done){
    done(null,user.id);
});
passport.deserializeUser(function(id,done){
    User.getUserById(id, function(err,user){
        done(err,user);
    })
})

users.js (ROUTE) users.js(路线)

router.post("/login", passport.authenticate('local', function (error, user, info){
    if(error) {
        console.error(error);
            console.log('Failed login:');
    }
    if (user === false) {
        console.log("user not found");
    } else {
        // handle successful login ...
        console.log("logged in");
    }
}), function (req, res) {
    res.send(req.user);
});

router.post("/signup", function (req, res) {
    console.log(req.body);
    var password = req.body.password;
    var password2 = req.body.password2;
    if(password == password2) {
        var newUser = new User ({
            name: req.body.name,
            email: req.body.email,
            username: req.body.username,
            password: req.body.username
        });

        User.createUser(newUser, function(err, user){
            if(err)
                throw err;
            console.log(user);
            res.send(user).end();   
        });
    } else {
        res.status(500).send("{errors: \"Passwords don't match\"}").end()
    }
});

Whenever I enter a password that contains numbers, I get每当我输入包含数字的密码时,我都会得到

false
NOT VALID
user not found

I'm sorry if I have done or not done something extremely simple.如果我做了或没有做过非常简单的事情,我很抱歉。 This is my first time using bcryptjs.这是我第一次使用 bcryptjs。 All answers are appreciated!感谢所有答案!

1 个解决方案

解决方案1
 0  2020-08-14 07:31:57

In the users.js file at the comparePassword function inside the compare method of bcrypt you are throwing the error instead of passing it to the callback.在用户.js 文件中comparePassword function 在 bcrypt 的compare方法中,您抛出错误而不是将其传递给回调。 Maybe if you make this change:也许如果您进行此更改:

module.exports.comparePassword = function(candidatePassword, hash, callback){
    bcrypt.compare(candidatePassword, hash, function(err, isMatch) {
      console.log(isMatch);
      callback(err, isMatch);
    });
}

You will see what kind of error it's generated by the case when you introduce numbers in your passwords.当您在密码中引入数字时,您会看到该案例会产生什么样的错误。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Bcryptjs无法比较密码Nodejs - Bcryptjs unable to compare passwords Nodejs 来自 bcryptjs 的 bcrypt.compare 总是返回 false - bcrypt.compare from bcryptjs always returns false 我使用 bcryptjs 比较的结果返回 false。 将明文与数据库(mongodb)中的散列密码进行比较时。(node-js) - my result from using bcryptjs compare returns false. When comparing plaintext to hashed password from database (mongodb).(node-js) Bcryptjs 总是返回 false - Bcryptjs always return false BCRYPTJS:为不同的密码返回相同的哈希值 - BCRYPTJS: returning same hash for different passwords 密码包含数字时,bcrypt比较返回false - bcrypt compare returning false when password contains numbers Node.js bcrypt比较函数始终返回false - Node.js bcrypt compare function always returns false 当布尔函数返回false时,&&运算符和执行 - && operator and execution when boolean function returns false 创建一个比较两个数字的函数 - Create a function to compare 2 numbers 如果if语句中的JavaScript函数为true,则它返回false。 - Javascript function returns false when it should be true from an if statement?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM