Here I use bcryptjs library to encrypt my password, Its works fine when i insert into db but its returns false every time to pare same password which i insert in DB. Here is my code.. Please tell me where i am wrong.

This code for inserting hash password in DB , It works perfect

     bcrypt.hash(insertData.Password, 10, function(err, hash) {
            // Store hash in your password DB.
            console.log('hash' , hash)
            insertData.Password = hash;

            insertIntoDB(table,insertData,function(result){
                if(result && result.length > 0){
                        res.json({
                            "status":"1",
                            "result":result[0]._id
                        });
                }
            });
     });

And Here is code for pare password but it always returns false.

var actualPass = results[0].Password //Store in DB password
bcrypt.hash(UserInputPassword, 10, function(err, hash) {
        console.log('hash' , hash)

        bcryptpare(actualPass, hash, function(err, response) {
            if(err){
                 console.log("err",err)
             }else{
                 console.log("response",response)                               
             }

        });
 });

Here I use bcryptjs library to encrypt my password, Its works fine when i insert into db but its returns false every time to pare same password which i insert in DB. Here is my code.. Please tell me where i am wrong.

This code for inserting hash password in DB , It works perfect

     bcrypt.hash(insertData.Password, 10, function(err, hash) {
            // Store hash in your password DB.
            console.log('hash' , hash)
            insertData.Password = hash;

            insertIntoDB(table,insertData,function(result){
                if(result && result.length > 0){
                        res.json({
                            "status":"1",
                            "result":result[0]._id
                        });
                }
            });
     });

And Here is code for pare password but it always returns false.

var actualPass = results[0].Password //Store in DB password
bcrypt.hash(UserInputPassword, 10, function(err, hash) {
        console.log('hash' , hash)

        bcrypt.pare(actualPass, hash, function(err, response) {
            if(err){
                 console.log("err",err)
             }else{
                 console.log("response",response)                               
             }

        });
 });

• javascript
• node.js
• bcrypt

• Did you try pare()'ing actualPass against the hash from the database (e.g. insertData.Password) instead of a newly generated hash? – mscdex Commented Jul 5, 2014 at 6:37
• yes i try , here is my code you can check it. But i dont know How it works.. – Pratik Parekh Commented Jul 5, 2014 at 6:39

1 Answer 1

When you pare(), you need to pass in the plaintext value as the first argument and the hash from your database as the second argument. For example:

var hashFromDB = '$2a$10$foo';
var plainPassFromUser = 'mypassword';

bcrypt.pare(plainPassFromUser, hashFromDB, function(err, matches) {
  if (err)
    console.log('Error while checking password');
  else if (matches)
    console.log('The password matches!');
  else
    console.log('The password does NOT match!');
});

You also don't need to bcrypt.hash() a second time before pare(). Just once when you're inserting into the database.