Why my password in the database is not equal to the password in the request body?


jipson saad

I try to make a login for my API in Nestjs, so when the user send the data through the request body, I catch the data and I use the query builder of typeorm, then I get the user with his properties, after comproving if user exists I create a new comparison block, I don´t know the reason why the code is not work, if I use https://bcrypt-generator.com/ for comparate the hash password in the database and the password of the request body, that throw true, but in my code it doesn't work

async login(userRO: UserRO) {
const { email, password } = userRO;
const user = await getRepository(User)
.where('user.email = :email', {email})
if (!user) {
throw new HttpException(
'Usuario no es correcto',
// hashPassword = $2y$12$ZvWFRLVoS2gxyCjLkCbOZuN7NKfYrpT6cWxSJaeiVr0PnPBeoI8GS
// password = pepito09
const pass = await bcrypt.compare(password, user.password);
if (!pass) { // this always throw an error
throw new HttpException(
'Contraseña incorrecta',
const rol = await getRepository(Rol)
.leftJoinAndSelect(User, 'user', 'user.rolId = rol.id')
.where('user.email = :email', { email })
if (!rol) {
throw new HttpException(
'Rol no encontrado',
const type = this.typeUser(rol.name) ;
const payload = { email: user.email, id: user.id, rol: rol.name };
return {
access_token: this.jwtService.sign(payload),

So, I expect the comparison block about the password throw true if the password in the database and the password in the request body are equals, and false if it doesn't.

Continue reading...