0

i know compare password using bcrypt module is work too, but out of curiousity, i want to know if there is a away to using sequelize fn and postgres crypt?

i already try this :

const user = await Users.findOne({ 
  where: { 
    username: myUsername,
    password: sequelize.fn('crypt',myPassword,'password')
  } 
});

but not work because in the queries look like

SELECT "id", "username", "password", FROM "users" AS "Users" 
WHERE "Users"."username" = 'yosiazwan' AND "Users"."password" = crypt('testing', 'password');

'password' is in single quotes when it should not. if i try that queries in pgadmin, it doesn't work too. but if i remove the 'password' single quotes, like this

SELECT "id", "username", "password", FROM "users" AS "Users" 
WHERE "Users"."username" = 'yosiazwan' AND "Users"."password" = crypt('testing', password);

and that will works. is there any way to remove that single quotes in sequelize fn?

Improve this question

1 Answer 1

Reset to default
2

https://sequelize.org/api/v6/class/src/sequelize.js~sequelize#static-method-fn

public static fn(fn: string, args: any): fn since v2.0.0-dev3

Creates an object representing a database function. This can be used in search queries, both in where and order parts, and as default values in column definitions. If you want to refer to columns in your function, you should use sequelize.col, so that the columns are properly interpreted as columns and not a strings.

https://sequelize.org/api/v6/class/src/sequelize.js~sequelize#static-method-col

public static col(col: string): col since v2.0.0-dev3

Creates an object which represents a column in the DB, this allows referencing another column in your query. This is often useful in conjunction with sequelize.fn, since raw string arguments to fn will be escaped.

Your code should look like

const user = await Users.findOne({ 
  where: { 
    username: myUsername,
    password: sequelize.fn('crypt',myPassword, sequelize.col('password'))
  } 
});
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.