Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check user password #193

codermapuche opened this Issue May 3, 2016 · 2 comments


None yet
3 participants
Copy link

codermapuche commented May 3, 2016

Hi. I try to build a profile page when the user to update your information is forcet to re-enter your actual password, for this, before update i build a hook to compare the password provided with the current stored:


 patch : [
    function(hook) {          
      // Only patch current user. =;

      return userService
               .then(function(user) {
                 // How to compare here with user.password???
                         // is not hashed (example: abc123)
                         // user.password is a stored password hash
                 throw new errors.BadRequest(`Invalid request`, {
                   errors: [
                     { path: 'password',
                       value: '********',
                       message: `La clave actual es incorrecta`

try to hash with hook auth.hashPassword() but every time produces a diferent hash for same password and i can compare it when stored hash.

Any ideas?


This comment has been minimized.

Copy link

marshallswain commented May 3, 2016

Maybe try using the bcryptjs module directly.


This comment has been minimized.

Copy link

daffl commented May 18, 2016

As @marshallswain mentioned, you should be able to use bcryptjs directly:

const bcrypt = require('bcryptjs');, user.passwordfield, function(error, result) {
  if (error) {
    // handle crypto error
  } else if (result) {
    // handle success
  } else {
    // wrong password

I am going to close this. Please reopen if that didn't work for you.

@daffl daffl closed this May 18, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.