I am new to JavaScript and Node.js. I wrote code to authenticate a user against the password and salt stored in the database. Below is the Node.js code: I receive a usercode and password, retrieve the stored data from the database, and compare the password and salt present in the DB with the received password.
The salt stored in the DB is in base64 format.
var Bcrypt = require('bcrypt');
var pg = require('pg');
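// Demo inputs. In the real login flow these arrive with the request and must
// be treated as untrusted.
var usercode = 'tarun';
var clientid = '214057357158656';
var password = 'tarun';
// NOTE(review): keep real database credentials out of source; load the
// connection string from configuration or a secret store.
var connectionString = "postgres://dbusername:password@localhost:5432/USCProduction";
console.log('connectin to DB');
var client = new pg.Client(connectionString);
client.connect(function(err) {
  if (err) {
    console.log(err);
    // Stop here: without a connection the query below cannot succeed.
    return;
  }
  // The values are bound as $1/$2 parameters instead of being concatenated
  // into the SQL text, so a crafted usercode or clientid cannot change the
  // statement.
  var Query = 'select password, salt from muser, mclient where usercode=$1 and muser.clientid=$2 and muser.clientid=mclient.clientid and mclient.status=1';
  console.log('executing query', Query);
  client.query(Query, [usercode, clientid], function(err, result) {
    // The connection is only needed for this single lookup.
    client.end();
    if (err) {
      console.log('Error in executing Query');
      return;
    }
    if (result.rows.length === 0) {
      // No row means there is nothing to verify; rows[0] would be undefined.
      console.log('No active user found for the given usercode and clientid');
      return;
    }
    // Debug output only: stored hashes and salts should not be written to
    // logs outside of local troubleshooting.
    console.log(result.rows);
    var passinDB = result.rows[0].password;
    var saltinDB = result.rows[0].salt;
    console.log('passwordinDB : ', passinDB);
    console.log('saltinDB : ', saltinDB);
    // This is the call that fails with "Invalid salt": bcrypt expects its own
    // salt string ($Vers$log2(NumRounds)$saltvalue), not an arbitrary base64
    // value. The stored values shown with the question are not in bcrypt
    // format, so they were presumably produced by a different hashing scheme
    // (confirm against the code that created the accounts) and have to be
    // verified with that scheme. For hashes that bcrypt itself produced, the
    // check is a single Bcrypt.compare(password, storedHash, callback); the
    // stored hash is never hashed again.
    Bcrypt.hash(passinDB, saltinDB, function(err, hash) {
      if (err) {
        return console.error(err);
      }
      console.log(hash);
      Bcrypt.compare(password, hash, function(err, isMatch) {
        if (err) {
          return console.error(err);
        }
        console.log('do they match?', isMatch);
      });
    });
  });
});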
I am facing the following error while executing the code:
passwordinDB : StAxL1r3bb/5k/6D6+BulwxhXFs=
saltinDB : FOhs8crXyO8=
[Error: Invalid salt. Salt must be in the form of: $Vers$log2(NumRounds)$saltvalue]
It is unable to find the number of rounds in the salt, or there is something else I may be missing in the code. How do I overcome this error?
Thank You..!!
I am new to JavaScript and Node.js. I wrote code to authenticate a user against the password and salt stored in the database. Below is the Node.js code: I receive a usercode and password, retrieve the stored data from the database, and compare the password and salt present in the DB with the received password.
The salt stored in the DB is in base64 format.
var Bcrypt = require('bcrypt');
var pg = require('pg');
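// Demo inputs. In the real login flow these arrive with the request and must
// be treated as untrusted.
var usercode = 'tarun';
var clientid = '214057357158656';
var password = 'tarun';
// NOTE(review): keep real database credentials out of source; load the
// connection string from configuration or a secret store.
var connectionString = "postgres://dbusername:password@localhost:5432/USCProduction";
console.log('connectin to DB');
var client = new pg.Client(connectionString);
client.connect(function(err) {
  if (err) {
    console.log(err);
    // Stop here: without a connection the query below cannot succeed.
    return;
  }
  // The values are bound as $1/$2 parameters instead of being concatenated
  // into the SQL text, so a crafted usercode or clientid cannot change the
  // statement.
  var Query = 'select password, salt from muser, mclient where usercode=$1 and muser.clientid=$2 and muser.clientid=mclient.clientid and mclient.status=1';
  console.log('executing query', Query);
  client.query(Query, [usercode, clientid], function(err, result) {
    // The connection is only needed for this single lookup.
    client.end();
    if (err) {
      console.log('Error in executing Query');
      return;
    }
    if (result.rows.length === 0) {
      // No row means there is nothing to verify; rows[0] would be undefined.
      console.log('No active user found for the given usercode and clientid');
      return;
    }
    // Debug output only: stored hashes and salts should not be written to
    // logs outside of local troubleshooting.
    console.log(result.rows);
    var passinDB = result.rows[0].password;
    var saltinDB = result.rows[0].salt;
    console.log('passwordinDB : ', passinDB);
    console.log('saltinDB : ', saltinDB);
    // This is the call that fails with "Invalid salt": bcrypt expects its own
    // salt string ($Vers$log2(NumRounds)$saltvalue), not an arbitrary base64
    // value. The stored values shown with the question are not in bcrypt
    // format, so they were presumably produced by a different hashing scheme
    // (confirm against the code that created the accounts) and have to be
    // verified with that scheme. For hashes that bcrypt itself produced, the
    // check is a single Bcrypt.compare(password, storedHash, callback); the
    // stored hash is never hashed again.
    Bcrypt.hash(passinDB, saltinDB, function(err, hash) {
      if (err) {
        return console.error(err);
      }
      console.log(hash);
      Bcrypt.compare(password, hash, function(err, isMatch) {
        if (err) {
          return console.error(err);
        }
        console.log('do they match?', isMatch);
      });
    });
  });
});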
I am facing the following error while executing the code:
passwordinDB : StAxL1r3bb/5k/6D6+BulwxhXFs=
saltinDB : FOhs8crXyO8=
[Error: Invalid salt. Salt must be in the form of: $Vers$log2(NumRounds)$saltvalue]
It is unable to find the number of rounds in the salt, or there is something else I may be missing in the code. How do I overcome this error?
Thank You..!!
It's a data type issue!
`saltRounds` should be of type `Number`. The issue can arise if you're using an `.env` file to store the value - all values are stored as `String`s in the env file.
In this case either assign the value in the code, `const saltRounds = 10`, or coerce the env variable to a number: `const saltRounds = Number(process.env.BCRYPT_COST);`.
Better still, since this value is not about to change, it can be passed directly to the hash function:
// A numeric second argument is the cost factor: bcrypt generates the salt itself.
const passwordHash = await bcrypt.hash(password, 10);
A readable way to generate:
const bcrypt = require("bcryptjs")
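/**
 * Hash `text` with bcrypt using a freshly generated salt.
 *
 * @param {string} text - Value to hash (for example a password).
 * @param {number} size - Cost factor passed to bcrypt.genSalt.
 * @returns {Promise<string>} The bcrypt hash string.
 * @throws Rejects with the bcrypt error. It is logged and rethrown so that a
 *   caller can never mistake a failed hash (`undefined`) for a value to store.
 */
const hash = async (text, size) => {
  try {
    const salt = await bcrypt.genSalt(size);
    return await bcrypt.hash(text, salt);
  } catch (error) {
    console.log(error);
    throw error;
  }
};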
convert saltinDB to int
// NOTE(review): this only helps when the stored value is a numeric cost factor
// kept as a string. parseInt of the base64 salt shown in the question
// ('FOhs8crXyO8=') yields NaN, so it does not turn that value into a bcrypt salt.
saltinDB = parseInt(saltinDB)
In this line,
Salt must be in the form of: $Vers$log2(NumRounds)$saltvalue]
$Vers is bcrypt_id
$log2(NumRounds) is a parameter that tells it how many times to execute that internal hash function.
So you need to generate the salt and hash the password in this way:
var bcrypt = require('bcryptjs');
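// Generate a salt with cost factor 10, then hash the password with it.
bcrypt.genSalt(10, function(err, salt) {
  if (err) {
    // Do not continue to hash() without a valid salt.
    return console.error(err);
  }
  bcrypt.hash("any_password", salt, function(err, hash) {
    if (err) {
      // Nothing may be stored when hashing failed.
      return console.error(err);
    }
    // Store hash in your password DB.
  });
});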
Read more here
Another possible solution with promises
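// Generate a salt with cost factor 10, then hash the password with it.
bcrypt.genSalt(10)
  // Returning the hash() promise keeps it in this chain, so the single
  // .catch() below also receives hashing failures instead of leaving them
  // as unhandled rejections.
  .then(salt => bcrypt.hash(password, salt))
  .then(hash => {
    // Demo output only: avoid writing password hashes to application logs.
    console.log(`INFO: Hash generated: ${hash}`)
    // Store hash in your password DB.
  })
  .catch(err => console.log(err));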
Console
jmendoza@jmendoza-ThinkPad-T420:~/IdeaProjects/NodeJS-API-Course/Intermediate-Node-API$ npm run dev
> [email protected] dev /home/jmendoza/IdeaProjects/NodeJS-API-Course/Intermediate-Node-API
> nodemon src/app.js
[nodemon] 2.0.3
[nodemon] to restart at any time, enter `rs`
[nodemon] watching path(s): *.*
[nodemon] watching extensions: js,mjs,json
[nodemon] starting `node src/app.js`
INFO: A NodeJS API is listining on port: 3000
INFO: mongoDB, Atlas. Connected
INFO: SALT: 15
POST /api/v1/users 200 28.146 ms - 40
INFO: Hash generated: $2b$10$1/4o27jmhscGEgTyF54NQurLbZvXI9zFROZKhlm0EoHsBE24NTAVu
You can see the complete code in my repository:
https://github.com/JonathanM2ndoza/NodeJS-API-Course/blob/master/Advanced-Node-API/src/modules/encrypt.ts
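// Generate a salt with cost factor 10, then hash the password with it.
bcrypt.genSalt(10)
  // Returning the hash() promise keeps it in this chain, so the single
  // .catch() below also receives hashing failures instead of leaving them
  // as unhandled rejections.
  .then(salt => bcrypt.hash(password, salt))
  .then(hash => {
    // Demo output only: avoid writing password hashes to application logs.
    console.log(`INFO: Hash generated: ${hash}`)
    // Store hash in your password DB.
  })
  .catch(err => console.log(err));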
this now worked for me