I’m trying to implement the latest Argon2 on an existing NodeJS project, following the doc above.
When creating an account, it all works fine. I can see the Argon2 hash in the DB.
When logging in, if I input plain text password, it fails with 401. But if I put in Argon2 hash copied from the DB, I get logged in.
I have the verify option enabled in security provider.
Have gone through the docs multiple time, not sure what I am missing. My setup is pretty much a copy of what the docs says. We are using PostgreSQL.
If the password hash verify is on, then this won't work like that. From your explanation it sounds like the security provider is not verifying hashes but just comparing strings.
Maybe try setting up the security provider again also make sure the login action uses the correct security provider.
Deleted existing “security” named security provider. Created a new “securityArgon” provider. Same behaviour.
Also checked the Wappler output console, no errors.
Perfect, that worked. Should have thought of that.
This has been happenning quite a lot lately. Have read numerous posts where this has been the issue.
Maybe there’s some bug here which can be tackled with the new project updater?
