Open harshvats2000 opened 2 years ago
According to bcrypt official docs I read (here), bcrypt.compare
return promise
compare(data, encrypted, cb)
data - [REQUIRED] - data to compare.
encrypted - [REQUIRED] - data to be compared to.
cb - [OPTIONAL] - a callback to be fired once the data has been compared. uses eio making it asynchronous.
If cb is not specified, a Promise is returned if Promise support is available.
err - First parameter to the callback detailing any errors.
same - Second parameter to the callback providing whether the data and encrypted forms match [true | false].
So, the compare really return a Promise. Why would do that?
As you can see ini auth.service
, there is following function:
const loginUserWithEmailAndPassword = async (email, password) => {
const user = await userService.getUserByEmail(email);
if (!user || !(await user.isPasswordMatch(password))) {
throw new ApiError(httpStatus.UNAUTHORIZED, 'Incorrect email or password');
}
return user;
};
This function call isPasswordMatch
from user.model
. So to add a consistency here, the author add async
in the user model.
At line 73 in
user.model.js
, below function is written:I believe there is a missing await keyword in return statement as the compare function is an async function. If bcrypt.compare doesn't return promise, then async is redundant.
So the final code should be