Checking and updating passwords with passport-local and bcrypt in node.js

Question

I'm getting an [Error: data and hash arguments required] error when trying to verify a user's existing password within my node app. The context is that I ask my user to verify their existing password prior to changing it within the user profile page. My stack is node + mondodb (via mongoose) using passport-local with bcrypt.

The relevant code is:

// code trying to match that returns the aforementioned error
req.user.comparePassword(req.body.password, function (err, isMatch) {
    if (err) {
        return console.error(err);
    }
    if (isMatch) {
        console.log('passwords match');
        // now save new password

        // Password verification
        userSchema.methods.comparePassword = function (candidatePassword, cb) {
            bcrypt.compare(candidatePassword, this.password, function (err, isMatch) {
                if (err) return cb(err);
                cb(null, isMatch);
            });
        };
    }
}

req.user references the current user object, and `req.body.password' is the password obtained from the user's POST. I am using the UserSchema, passport strategy and Bcrypt configuration from the passport-local example here.

Can someone provide guidance on how to verify that the passwords match prior to updating?

Answer 1

So bcrypt.compare is complaining that one of the arguments, either data or hash are missing. So that implies perhaps this.password is returning null or undefined. Check your database record for that user and be sure it has a valid hash stored.