Search code examples
javascriptbcrypt

Bcrypt unable to work, Bcrypt.compareSync always return false

The issue I am facing is that when the code is used on other computers, bcrypt.comparesync can return true. However, it always returns false on my computer, no matter if the text being compared is the same or different. Is this some sort of bug that I am facing, as my code used to work in the past but suddenly it stops working. Why is that so?

My code:

const bCrypt = require('bcrypt');
var WebToken = require('jsonwebtoken');
var SecretKey = "Somesecretkey";

class ProfilesDB
{
    getLoginCredentials(request, respond){
        var username = request.body.username;
        var password = request.body.password;
 
        var sql = "SELECT password FROM restaurant_review.profile WHERE username = ?";
 
        var profileValues = [username,password];

        db.query(sql, profileValues, function(error, result) 
        {
            if(error)
            {
                throw error;
            }
            else
            {
                //console.log(result[0].password);
                const hash = result[0].password;
                var flag = bCrypt.compareSync(profileValues[1],hash);
                if (flag)
                {
                    var token = WebToken.sign(username,SecretKey);
                    respond.json({result:token});
                }
                else
                {
                    respond.json({result:"Invaild"});
                }
            }
        });
    }
    
    getAllProfiles(request, respond)
    {
        var sql = "SELECT * FROM restaurant_review.profile";
        db.query(sql, function(error, results){
            if(error)
            {
                throw error;
            }
            else
            {
                respond.json(results);
            }

        });
    }

    addProfile(request, respond)
    {
        //Creating a new profile class, calls for a new profile, to create a new "profile"
        var profileObject = new Profile(null, request.body.firstName, 
            request.body.lastName, request.body.username, request.body.password,
            request.body.email);
        //To encrypt the password
        profileObject.password = bCrypt.hashSync(profileObject.password,10);
        //Question mark is used as a place holder.
        var sql = "INSERT INTO restaurant_review.profile (firstName, lastName, username, password, email) Values(?,?,?,?,?)";
        
        var profileValues = [profileObject.getFirstName(), 
            profileObject.getLastName(), profileObject.getUsername(), 
            profileObject.getPassword(), profileObject.getEmail()];

        db.query(sql, profileValues, function(error, result){
              if(error)
             {
                 throw error;
             }
            else
             {
                 respond.json(result);
             }
         });
    }

enter image description here

Solution

  • If it works on other computers but not yours then it could be from something other than bcrypt package, e.g., database is not configured property, etc. Maybe the password field in your database table has restriction on the number of characters and the hashed password exceeds this number? Check the type of password field in your table and make sure it is not something like varchar(x) with a small value for x.