bcrypt Error: data and hash arguments required

Question

I am getting a bcrypt error stating that data and hash arguments are required, referencing line #44 in my routes.js file. From what I can tell, I am passing that information: the first parameter to bcrypt.compare is the user entered password, and the second is the hashed password retrieved from the db. What am I doing wrong?

bcrypt.compare(req.params.password, user.password, function...

routes.js

'use strict'

var express = require('express');
var router = express.Router();
var User = require('../app/models/user');
//password hashing
var bcrypt = require('bcrypt');

var count = 0;

router.use(function(req, res, next) {
    count++;
    console.log('API hit count = %s', count);
    next();
});

// /users post(create new user) get(specific user)
router.route('/users')
    .post(function(req,res) {
        var user = new User();
        user.username = req.body.username;
        user.password = bcrypt.hashSync(req.body.password, 10);

        //save the user and checkfor errors
        user.save(function(err) {
            if (err) {
                res.send(err);
            } else {
                res.json({message: "User created!"});
            }    
        });

    })

router.route('/users/:username')
    .get(function(req, res) {
        var query = {
            username: req.params.username,
        };
        User.findOne(query, function(err, user) {
            if (err) { 
                res.send(err);
            } else {
                bcrypt.compare(req.params.password, user.password, function(err, res) {
                    if(err) {
                        console.log('Comparison error: ', err);
                    }
                })
                res.json(user);
            }
        });
    })

Answer 1

bcrypt.compare takes 3 parameters; passwordToCheck, passwordHash, and a callback, respectively. (Check the documentation for examples)

This error means one or both of the first 2 parameters are either null or undefined. Therefore, make sure both of them are passed correctly. (Not as null or undefined)

Answer 2

Why do we face this error? bcrypt Error: data and hash arguments required

Example: bcrypt.compare(first, second)

Ans: because either second key hash password does not exist (null or undefined) or first, which are compared to each other.

Answer 3

I used

const user = await User.find({email: req.body.email}) //which returned all users

//and unless i reference the first user in index 0, i can't pass user.password to the //bcrypt compare method because it's not a string I changed it to

await User.findOne({email: req.body.email})//from which i can use user.password in the //bcrypt compare method

Answer 4

I was having the same error when I was working with node js and mongoose. It was caused by attribute added to password called select: false in user model.

After remove it, it works.

Answer 5

const passwordMatch = await bcrypt.compare(password, user.password);

Make sure you are giving raw password and hash password. This will return a boolean value.

Answer 6

I had the same error and the problem was a missing await when calling the function that reads from database

Answer 7

I was having the same issue, but I was using the synchronous form of bycrypt.compare(), which is bcrypt.compareSync(), so I changed it to bcrypt.compare() and it works perfectly.

Answer 8

the steps for this problem : 1-ensure that the bcrypt function is have awir before it 2- if the problem is still exist ,then the problem is in the database (mongodb),try to create new database an example:

const match = await bcrypt.compare(password,userValid.password);
            if (match) {
                res.send("login successful")
            }else{
                res.send("wrong password")
            }
        }

Answer 9

Use

findOne({})

instead of

find()

Try console.log() to view and verify the data.

Answer 10

try {
    let match  = await bcrypt.compare(password, user.password)
    if(!match){
        return  res.json({mass: "invalid Created"})
    }else{
       res.send('Wrong password')
    }

    console.log('success fulli', user)
    res.render('pages/auth/login', {title: 'Login In Your Account'})

} catch(e) {
    console.log(e)
    next(e)
}

Answer 11

The problem also can appear when you forget to add await when loading data from the database. I got the same error after forgetting to add "await".

let user = User.findOne({ username: req.body.username });

let user = await User.findOne({ username: req.body.username });

Answer 12

I also have this problem i set for password select:false in user model and solved by adding select('+password') to login route

Answer 13

i know all the questions are solved but maybe someone finds this code works for him

const passwordMatch = await bcrypt.compare(password, user.rows[0].s_password);

The name after the dot it's the name you use in your database, it's the field

Answer 14

I had the same issue, found out that I had missed an await while comparing hence receiving a null value when comparing.

// Compare incoming & stored password
const matchedPassword = await bcrypt.compare(password, userExists.password)

Also, the first argument should be the plain text password while the second is the hashed password.

Answer 15

Okay guys huddle up!

First of all if you have "select":false for password in your schema, you should use it like this:

const {email,passord} = req.body

const user = await User.findOne({ email }).select('+password'); // that will allow us the edit password property without revealing it.

After that you can call your compare function

if (!(await user.comparePassword(password, user.password))) {
      res.status(400).json({
        status: 'Fail',
        msg: 'Incorrect nickname or password',
      });
    }

Answer 16

I also faced the same problem. I realized that usermodel.find() returns an array of all users but users.findOne() returns an object. You should use the latter.