我在登录过程中使用 bycrypt,但它似乎不起作用。我已经将之前经过哈希处理的密码存储在数据库中,因此我从数据库中检索它,然后将其与密码进行比较,但就像我的 bycrpt.compare 甚至没有在我的代码中激活一样。我已经验证我的密码和散列密码都在那里,它们确实有效,但仍然没有任何结果。
这是我的代码:
app.post("/login", (req, res) => {
const username = req.body.username;
const password = req.body.password;
const responseArr = [];
let passwordStatus = "";
db.query(
"SELECT password FROM users WHERE username = $1",
[username])
.then((res) => {
const hash = res.rows[0].password;
console.log("hash", hash);
console.log("password", password);
bcrypt.compare(hash, password, function(err, result) {
console.log("in func", res.rows[0].password)
console.log("in func", password)
if(result){
console.log("login success");
console.log(result);
passwordStatus = true;
}else{
console.log('login failed');
passwordStatus = false;
}
if (err) {
console.log("err", err)
}
})
console.log("passwordStatus", passwordStatus);
return passwordStatus;
})
.then((result) => {
if (result === true) {
const userResponse = db.query(
"SELECT user_id FROM users WHERE username = $1;",
[username]
);
return userResponse;
} else {
res.status(404);
console.log("result was false")
}
})
.then((response) => {
responseArr.push(response.rows);
res.status(200).send(responseArr);
})
.catch((error) => {
console.log("error:", error);
if (error) {
throw error;
}
});
});```
函数参数需要采用以下方式:-
// Load hash from your password DB.
bcrypt.compare(myPlaintextPassword, hash, function(err, result) {
// result == true
});
更换您的参数顺序。