问题描述
我正在尝试使用 bcryptjs 进行密码验证,
const bcrypt = require('bcryptjs');
login(post){
this.uid = post.uid;
this.pin = post.pin;
this.getUser(this.uid);
if(this.checkUser != undefined && this.pin != undefined){
console.log(this.checkUser)
console.log(this.pin)
console.log(this.checkUser["pin"])
bcrypt.compare(this.checkUser["pin"],this.pin,(err,res) => {
if (err){
console.log("Something went wrong " + err)
// handle error,Wrong password
}
else if (res) {
// Send JWT,Correct password
console.log("It worked! " + res)
// TEMP
sessionStorage.setItem("name",this.checkUser["name"]);
sessionStorage.setItem('loggedin',"true");
location.reload();
//
}
else {
console.log("Something else went wrong!")
}
});
}
}
getUser(uid){
this.BrukerService.getSingle(uid).subscribe((res: String) => {
this.checkUser = JSON.parse(res);
},(err) => {
this.error = err;
});
}
this.checkUser:
{id: "1",uid: "1234",pin: "$2a$05$7251G35/U5YfLby9oQrqpOA58szCqWEo4lOSLxRmn0HV1nZ4Tn962",created: "2020-12-21 14:28:00",name: "Martin"}
this.pin:
1234
this.checkUser["pin"]:
$2a$05$7251G35/U5YfLby9oQrqpOA58szCqWEo4lOSLxRmn0HV1nZ4Tn962
checkUser 是从数据库中检索的,this.pin 是用户的正确传递。 bcrypt.compare 无论如何都会转到 else,所以它总是记录“其他事情出错了”,我不明白可能是什么问题,它正确输出哈希和 pin,即使我将它们作为字符串直接插入到bcrypt.compare 函数,它转到 else,res 始终为 false 且 err 为 null。
解决方法
按照 bcryptjs 文档 https://www.npmjs.com/package/bcryptjs 所说的:
bcrypt.compare("not_bacon",hash,function(err,res) {
// res === false
});
当它应该是第二个参数时,您首先拥有哈希 (this.checkUser["pin"]) 参数。