You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$2b$10$8UMFhEZrwc85vytIGyE2v.mX3CYU/ANojK8ZeaO2bXPs5Lttis7sq
but after storing this hash in a variable and storing into the db I found the hash was different
$2b$10$ELPnmKkLLvrPW7QCVSrIp.c3Jn5VuoTsEL7OKnJ5QnJe6ZC2jYb6q
why is that assigning to the variable and storing in database making different hash
i've also tried this
user.password = await bcrypt.hash(password, salt)
where I'm storing the hash directly and literally I've manually compared the hash and hash is same but it doesn't seem to work at this point, I've given up
I'm using MongoDB and Mongoose and here's my schema constraint(length tries)
password: {
type: String,
},
I have also tried
password: {
type: String,
maxlength:60
},
password: {
type: String,
maxlength:1000
},
The interesting part here is that it works on the simple register/login user fine for example
userSchema.pre('save', async function () {
const salt = await bcrypt.genSalt(10)
if (!this.password) return
this.password = await bcrypt.hash(this.password, salt)
})
when I try to log in it'll actually work fine and compare doesn't return false
package version
"bcrypt": "^5.1.1",
OS Version
10.0.22621 Build 22621
The text was updated successfully, but these errors were encountered:
Hy i just found the bug what went wrong after spinning my head all day
uf you're using the userSchema.pre('save', async function () { const salt = await bcrypt.genSalt(10) if (!this.password) return this.password = await bcrypt.hash(this.password, salt) })
this the behaviour you've encounter is expected lemme tell you why is that
so the thing is that whenever we save the user.save() what mongo db does is actually re run this middleware
so you're something like that user.name='sameer'
and then user.password = await bcrypt.hash(password, salt)
this won't work because we're directly assigning the
The issue arises from pre-save hooks, which are middleware functions invoked before the document is saved, being called before the document is saved. This results in the generation of different hashed passwords.
I've run into the same problem which's like compare always returns false but with some strange behaviour.
so I've tried every solution which in previous closed (bcrypt returning false) were mentioned(mostly regarding the length issue)
But here's strange thing behavior I found
the thing is here
hashpassword
is$2b$10$8UMFhEZrwc85vytIGyE2v.mX3CYU/ANojK8ZeaO2bXPs5Lttis7sq
but after storing this hash in a variable and storing into the db I found the hash was different
$2b$10$ELPnmKkLLvrPW7QCVSrIp.c3Jn5VuoTsEL7OKnJ5QnJe6ZC2jYb6q
why is that assigning to the variable and storing in database making different hash
i've also tried this
where I'm storing the hash directly and literally I've manually compared the hash and hash is same but it doesn't seem to work at this point, I've given up
I'm using MongoDB and Mongoose and here's my schema constraint(length tries)
The interesting part here is that it works on the simple register/login user fine for example
when I try to log in it'll actually work fine and compare doesn't return false
package version
OS Version
The text was updated successfully, but these errors were encountered: