堆栈内存溢出
  简体   繁体   English

Bcrypt 比较总是在 NodeJS 中返回 TRUE

[英]Bcrypt compare always returning TRUE in NodeJS

 原文  2021-10-04 18:09:23       node.js/ bcrypt

问题描述

I'm making my own small API, and I've coded out the following POST request to my MongoDB database:我正在制作自己的小 API,我已经将以下 POST 请求编码到我的 MongoDB 数据库:

api.post("/account/login", async (req, res) => {

    const user = {
        username: req.body.username,
        password: req.body.password
    };

    const username = JSON.stringify(user.username);

    const hashedPassword = await logincollection.find(user.username).toArray();
    const hardCodedPassword = "$2b$10$q0iOBFTqqZ3vnp5oqDQUqejdS7UD/ayw4Q4qgi5hs1pfFI.xfipDS"
    console.log(hashedPassword)

    // Search for matching login credentials
    logincollection.find(user, (err, result) => {

        try {

            if (bcrypt.compare(req.body.password, hardCodedPassword)) {
            
                // Return credentials back to the client
                const sendObject = {
                    username: result.username,
                    password: result.password
                };

                console.log(sendObject);
                    
                // Return code 200 (success) to the client
                res.status(200).send(sendObject);

                // Log to console when user logs in
                console.log("User " + username + " logged in");

            }

        } catch(error) {

            // If matching credentials were not found, return code 404 (wrong credentials) to the client
            res.status(404).send()

        }

    })

})

I have set a valid hardcoded password for purely testing purposes.我已经为纯粹的测试目的设置了一个有效的硬编码密码。 When this request is processed, console.log(sendObject) prints undefined results to the console and bcrypt returns true , no matter what password I put in. What's the problem here?处理此请求时,无论我输入什么密码, console.log(sendObject)将未定义的结果打印到控制台并且 bcrypt 返回true 。这里有什么问题?

1 个解决方案

解决方案1
 1 已采纳  2021-10-04 18:35:35

As @jonrsharpe said, bcrypt.compare returns a Promise not a value.正如@jonrsharpe 所说, bcrypt.compare返回一个 Promise 而不是一个值。 You must use a callback function, Promise.then() or async/await to handle the asynchronous result.您必须使用回调 function、Promise.then() 或 async/await 来处理异步结果。

// Search for matching login credentials
logincollection.find(user, (err, result) => {

  bcrypt.compare(req.body.password, hardCodedPassword)
  .then(match => {      
    if (match) {
      // Return credentials back to the client
      const sendObject = {
          username: result.username,
          password: result.password
      };

      console.log(sendObject);
          
      // Return code 200 (success) to the client
      res.status(200).send(sendObject);

      // Log to console when user logs in
      console.log("User " + username + " logged in");          
    } else {
      // If matching credentials were not found, return code 404 (wrong credentials) to the client
      res.status(404).send()          
    }
  })
  .catch(error => {
    res.status(500).send()
  })
})

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Bcrypt NodeJS 比较密码总是返回 false - Bcrypt NodeJS compare password always returning false bcrypt与nodejs比较始终为false - bcrypt with nodejs compare always false bcrypt-nodejs.compare总是返回false - bcrypt-nodejs.compare always returns false 使用bcrypt.compare总是返回false - Using bcrypt.compare is returning false always bcrypt.compare() 总是返回 false - bcrypt.compare ( ) always returning false bcrypt-nodejs比较函数始终返回false - bcrypt-nodejs compare function always return false nodejs-bcrypt:比较哈希与密码总是返回不匹配 - nodejs - bcrypt: compare hash with password always return not match Bcrypt比较问题nodejs - Bcrypt compare issue nodejs bcrypt 没有返回任何东西 - bcrypt is not returning anything NODEJS Nodejs bcrypt 比较无法正常工作 - Nodejs bcrypt compare not working properly
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM