我是Express.js和Passport.js的新手,所以我可能做错了什么,因为bcrypt comapare函数总是返回false。
public static findUser = async ({ email, password }) => {
const pool = await new sql.ConnectionPool(CommonConstants.connectionString).connect();
const request = pool.request();
const result = await request
.input("Email", sql.NVarChar, email)
.execute("FindUserSP");
const user = result.recordset;
return await bcrypt.compare(password, user[0].Password) ? user : {};
};
散列就是这样创建的:
const password = req.body.Password;
const email = req.body.Email;
const salt = await bcrypt.genSalt(10);
const hash = await bcrypt.hash(password, salt);
测试用例:
Hash: $2b$10$nK1.wW71NcBIQkMQq6wpHe/HMhCjOaQNy9BpfPDef01
password: 123
version: 3.0.2
检查数据库是否未截断数据。散列通常应该是60个字符,而不是来自的50个字符
const salt = await bcrypt.genSalt(10);
const hash = await bcrypt.hash(password, salt);
已测试:https://repl.it/@CodyGeisler/bcrypt测试?language=nodejs