如何比較 bcrypt hash 密碼
[英]how to compare bcrypt hash password
問題描述
我是節點 js 的新手,我正在嘗試驗證加密的密碼,並且我已經給出了我嘗試過的以下代碼。
async function passCheck(event) {
// in event i am passing user entered password and email
var EnteredPassword = bcrypt.hashSync(event.password, 10); //10 saltrounds
var fromDB = await pool.query('SELECT password from User WHERE email = ?', event.emailID);
if (EnteredPassword == fromDB) {
//Here i am comparing
console.log('valid');
} else {
console.log('invalid');
}
}
2 個解決方案
解決方案1
1 已采納 2021-01-27 14:00:10
bcrypt有一個用於比較哈希的內置方法。
async function passCheck(event) {
var fromDB = await pool.query('SELECT password from User WHERE email = ? Limit 1', event.emailID);
// --------------------------------------------------------------------------^
// Added limit 1 to make sure the only one record will be returned.
if (fromDB.length > 0 && await bcrypt.compare(event.password, fromDB[0].password)) {
//Here i am comparing
console.log('valid');
} else {
console.log('invalid');
}
}
DB 結果集通常返回一個對象數組,因此,您應該檢查是否有一些結果( fromDB.length > 0 ),然后將哈希字符串本身傳遞給 compare 方法。
解決方案2
0 2021-01-27 13:52:44
嘗試這個
const auth = await bcrypt.compare(EnteredPassword , fromDB)
if(auth ){
console.log("valid");
}
else{
console.log("invalid")
}
Bcrypt哈希密碼與Mongodb中保存的密碼哈希不同
[英]Bcrypt hash password is not the same of password hash saved in Mongodb
不確定如何對使用 bCrypt.compare() 的密碼驗證 function 進行單元測試,未定義
[英]Unsure of how to unit test password validation function that uses bCrypt.compare(), getting undefined
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.