How I can compare password when signin in using bcrypt,I am facing problem at the time of signin for comparing password.From that select query i can get the matched mailid but how to get hash password?????????????????
note:I am not using typeorm...
Here is my service.ts code,
import { ConflictException, Injectable } from '@nestjs/common';
import { SignInDto,SignUpDto } from '../dto';
import { execute } from '../mysql';
import * as bcrypt from 'bcrypt';
import { FORMERR } from 'dns';
@Injectable()
export class AuthService {
// ------SignUp-------
public async CREATE(Dto: SignUpDto): Promise<any> {
const [account]:any = await execute(
`
SELECT
*
FROM
account
WHERE
email = ? AND
is_active = ? AND
is_deleted = ?
`,
[Dto.email.toLowerCase(), 1, 0],
);
if (account) {
throw new ConflictException('Account already exists on this email id.');
}
Dto.email = Dto.email.toLowerCase();
Dto.password = await bcrypt.hash(Dto.password, 12);
Dto.confirmPassword = await bcrypt.hash(Dto.confirmPassword, 12);
const data = { ...Dto};
return await execute(`INSERT INTO account SET ?`, [data]);
}
// -------SignIn---------
public async GET(Dto: SignInDto): Promise<any> {
const [isExist]:any = await execute(
`
SELECT
*
FROM
account
WHERE
email = ? AND
is_active = ? AND
is_deleted = ?
`,
[Dto.email.toLowerCase(), 1, 0],
);
*if (!isExist) {
const compare=await bcrypt.compare()
throw new ConflictException('Account does not exists.');
}*
return {
id: isExist.id,
};
}
}
conroller.ts
import { Controller, Post, Body, HttpCode, HttpStatus, Res, Get, ParseIntPipe, Param } from '@nestjs/common';
import { ApiOperation, ApiResponse, ApiTags } from '@nestjs/swagger';
import { SignUpDto, SignInDto } from '../dto';
import { Response } from 'express';
import { AuthService } from './auth.service';
@Controller('auth')
export class AuthController {
constructor(private readonly _authService: AuthService) { }
@Post('/sign-up')
@HttpCode(HttpStatus.OK)
@ApiResponse({ status: HttpStatus.OK, description: 'Success' })
@ApiOperation({ summary: 'SignUp' })
public async SIGNUP(@Res() res: Response, @Body() Dto: SignUpDto): Promise<any> {
const result: any = await this._authService.CREATE(Dto);
if (result) {
return res.status(HttpStatus.OK).json({ status: HttpStatus.OK, message: `Registration completed successfully.` });
}
return res.status(HttpStatus.BAD_REQUEST).json({ status: HttpStatus.BAD_REQUEST, message: `Something went wrong. Please try again later.` });
}
@Post('/sign-in')
@HttpCode(HttpStatus.OK)
@ApiResponse({ status: HttpStatus.OK, description: 'Success.' })
@ApiOperation({ summary: 'SignIn' })
public async SIGNIN(@Res() res: Response, @Body() Dto: SignInDto): Promise<any> {
const result: any = await this._authService.GET(Dto);
if (result) {
res.status(HttpStatus.OK).json({ status: HttpStatus.OK, data: result, message: `Successfull` });
}
}
}
I am facing problem at the time of signin for comparing password.From that select query i can get the matched mailid but how to get hash password?????????????????
Thanks.....
CodePudding user response:
First, there's no need to save the hashed confirmation password. The confirmation password should just be checked that it matches the password, to make sure the user sent in the password they expected to.
Second, assuming you have a password
column, you should be able to get the password via isExist.password
. Then you can check if the passwords are the same using bcrypt via bcrypt.compare(Dto.password, isExist.password)
. Bcrypt will take care of computing the same salt based on the hashed password (it's part of the hash actually). The compare
method will return a boolean if the passed password hashes to the same hashed value and you can tell then if it was correct or not.