(Node.js) BCrypt Verify a Password (Check if Password is Correct)

A system that uses BCrypt for storing passwords would not store the actual password, but would instead store the bcrypt hash of the password. When a user presents the password, such as for login, call BCryptVerify to verify the password against the stored bcrypt hash.

Note: This example requires Chilkat v9.5.0.65 or greater.

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOS

var os = require('os');
if (os.platform() == 'win32') {  
  var chilkat = require('@chilkat/ck-node23-win64'); 
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node23-linux-arm');
    } else if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node23-linux-arm64');
    } else {
        var chilkat = require('@chilkat/ck-node23-linux-x64');
    }
} else if (os.platform() == 'darwin') {
  var chilkat = require('@chilkat/ck-node23-mac-universal');
}

function chilkatExample() {

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var crypt = new chilkat.Crypt2();

    var storedHash = "$2a$10$H5kIVktMGzAPKGKNAe9DVu0iwEqfhv/o4MMJ/Dzw/MPy1leOE9NOK";
    var password = "mySecretPassword";

    var passwordValid = crypt.BCryptVerify(password,storedHash);
    if (passwordValid == true) {
        console.log(password + " is valid.");
    }
    else {
        console.log(password + " is NOT valid.");
    }

    password = "notAValidPassword";
    passwordValid = crypt.BCryptVerify(password,storedHash);
    if (passwordValid == true) {
        console.log(password + " is valid.");
    }
    else {
        console.log(password + " is NOT valid.");
    }

    // Output should be:

    // 	mySecretPassword is valid.
    // 	notAValidPassword is NOT valid.

}

chilkatExample();