bcrypt Error: data and hash arguments required

I am getting a bcrypt error stating that data and hash arguments are required, referencing line #44 in my routes.js file. From what I can tell, I am passing that information: the first parameter to bcrypt.compare is the user entered password, and the second is the hashed password retrieved from the db. What am I doing wrong?

bcrypt.compare(req.params.password, user.password, function... 

routes.js

'use strict' var express = require('express'); var router = express.Router(); var User = require('../app/models/user'); //password hashing var bcrypt = require('bcrypt'); var count = 0; router.use(function(req, res, next) { count++; console.log('API hit count = %s', count); next(); }); // /users post(create new user) get(specific user) router.route('/users') .post(function(req,res) { var user = new User(); user.username = req.body.username; user.password = bcrypt.hashSync(req.body.password, 10); //save the user and checkfor errors user.save(function(err) { if (err) { res.send(err); } else { res.json({message: "User created!"}); } }); }) router.route('/users/:username') .get(function(req, res) { var query = { username: req.params.username, }; User.findOne(query, function(err, user) { if (err) { res.send(err); } else { bcrypt.compare(req.params.password, user.password, function(err, res) { if(err) { console.log('Comparison error: ', err); } }) res.json(user); } }); }) 
2

16 Answers

bcrypt.compare takes 3 parameters; passwordToCheck, passwordHash, and a callback, respectively. (Check the documentation for examples)

This error means one or both of the first 2 parameters are either null or undefined. Therefore, make sure both of them are passed correctly. (Not as null or undefined)

2

Why do we face this error? bcrypt Error: data and hash arguments required

Example: bcrypt.compare(first, second)

Ans: because either second key hash password does not exist (null or undefined) or first, which are compared to each other.

1

I used

const user = await User.find({email: req.body.email}) //which returned all users 

//and unless i reference the first user in index 0, i can't pass user.password to the //bcrypt compare method because it's not a string I changed it to

await User.findOne({email: req.body.email})//from which i can use user.password in the //bcrypt compare method 

I was having the same error when I was working with node js and mongoose. It was caused by attribute added to password called select: false in user model.

After remove it, it works.

1
const passwordMatch = await bcrypt.compare(password, user.password); 

Make sure you are giving raw password and hash password. This will return a boolean value.

I had the same error and the problem was a missing await when calling the function that reads from database

the steps for this problem : 1-ensure that the bcrypt function is have awir before it 2- if the problem is still exist ,then the problem is in the database (mongodb),try to create new database an example:

const match = await bcrypt.compare(password,userValid.password); if (match) { res.send("login successful") }else{ res.send("wrong password") } } 

I was having the same issue, but I was using the synchronous form of bycrypt.compare(), which is bcrypt.compareSync(), so I changed it to bcrypt.compare() and it works perfectly.

Use

findOne({}) 

instead of

find() 

Try console.log() to view and verify the data.

try { let match = await bcrypt.compare(password, user.password) if(!match){ return res.json({mass: "invalid Created"}) }else{ res.send('Wrong password') } console.log('success fulli', user) res.render('pages/auth/login', {title: 'Login In Your Account'}) } catch(e) { console.log(e) next(e) } 
1

The problem also can appear when you forget to add await when loading data from the database. I got the same error after forgetting to add "await".

let user = User.findOne({ username: req.body.username });

let user = await User.findOne({ username: req.body.username });

I also have this problem i set for password select:false in user model and solved by adding select('+password') to login route

i know all the questions are solved but maybe someone finds this code works for him

const passwordMatch = await bcrypt.compare(password, user.rows[0].s_password); 

The name after the dot it's the name you use in your database, it's the field

1

I had the same issue, found out that I had missed an await while comparing hence receiving a null value when comparing.

// Compare incoming & stored password const matchedPassword = await bcrypt.compare(password, userExists.password) 

Also, the first argument should be the plain text password while the second is the hashed password.

Okay guys huddle up!

First of all if you have "select":false for password in your schema, you should use it like this:

const {email,passord} = req.body const user = await User.findOne({ email }).select('+password'); // that will allow us the edit password property without revealing it. 

After that you can call your compare function

if (!(await user.comparePassword(password, user.password))) { res.status(400).json({ status: 'Fail', msg: 'Incorrect nickname or password', }); } 

I also faced the same problem. I realized that usermodel.find() returns an array of all users but users.findOne() returns an object. You should use the latter.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.

You Might Also Like