Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hash that is being generated from createAdminUser does not match the input #219

Open
bonkboykz opened this issue Apr 17, 2021 · 2 comments · May be fixed by #258
Open

Hash that is being generated from createAdminUser does not match the input #219

bonkboykz opened this issue Apr 17, 2021 · 2 comments · May be fixed by #258

Comments

@bonkboykz
Copy link

bonkboykz commented Apr 17, 2021
edited
Loading

Reproduction steps:

  1. Create user using cli npx nestjs-admin createAdminUser (ex. user: test, password: test)
  2. Take the hash from the database (ex. $2a$12$jjckji7plcEhIuG2sUuYjeeei2LqgdFmGruPJWzQELI7bo36FhC9.)
  3. Compare it in node using bcryptjs
> const { hashSync, compareSync } = require('bcryptjs');
undefined
> origHash = '$2a$12$jjckji7plcEhIuG2sUuYjeeei2LqgdFmGruPJWzQELI7bo36FhC9.'
'$2a$12$jjckji7plcEhIuG2sUuYjeeei2LqgdFmGruPJWzQELI7bo36FhC9.'
> compareSync('test', origHash);
false

I think the issue is related to the #215, #213, and #221
@bonkboykz bonkboykz mentioned this issue Apr 17, 2021
Open
@hudzenko
Copy link

hudzenko commented Aug 20, 2021
edited
Loading

Can confirm this happens and this is weird.
This happens not only when doing npx nestjs-admin createAdminUser but when creating admin user from admin panel as well.

@tahikucing tahikucing mentioned this issue Aug 28, 2021
Open
@LeoAnesi
Copy link
Collaborator

After some debugging I found out that the problem is with the entity listener that is being triggered at least two times, the hashed password is hashed again. So when you try to compare with bcrypt the password and the hash it fails

This was referenced Dec 18, 2021
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@bonkboykz @hudzenko @LeoAnesi