node.js - 即使代码看起来不错，为什么 Bcrypt 总是返回 false

问题描述

../Passport.js

const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
const mongoose = require("mongoose");
const User = require("../models/User.js");
module.exports = function (passport) {
  passport.use(
    new LocalStrategy(
      { usernameField: "email", passwordField: "password" },

      (email, password, done) => {
        console.log(email, password);
        User.findOne({ email: email }, async function (err, user) {
          console.log(password, user.password);
          if (err) {
            return done(err);
          }
          if (!user) {
            return done(null, false, {
              message: "No User found against this email address",
            });
          } else if (!user.isEmailVerified) {
            return done(null, false, {
              message: "User needs to verify the OTP",
            });
          }

          var result = await bcrypt.compare(password, user.password);
          if (result) {
            return done(null, user);
          }
          if (!result) {
            return done(null, false, { message: "Incorrect Password" });
          }
        });
      }
    )
  );
};

用户.js

router.post(
  "/login",
  validateEmail,
  validatePassword,
  validator,
  (req, res, next) => {
    passport.authenticate(
      "local",
      { session: false },
      function (err, user, info) {
        console.log("::Err::", err, "::User::", user, "::Info::", info);
        if (err) {
          next(new BadRequestResponse(err));
        }

        if (!user) {
          next(new UnauthorizedResponse(info.message, 401));
        } else {
          next(new OkResponse({ user: user.toAuthJSON() }));
        }
      }
    )(req, res, next);
  }
);

多年来，我一直在努力寻找为什么bcrypt继续返回“false”的问题，即使 hased 密码和输入的密码相同。请忽略“/login”路由器之后的中间件，因为它们不会影响整个流程

标签： node.jsexpresspassport.jsmean-stackmern