Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

When updating user with a hashPassword hook, the password gets rehashed

See original GitHub issue

This is how my controller looks like:

const user = await auth.getUser()
user.profile_pic = 'somethingnew.png'
await user.save()

return user

When I do this the hashPassword hook hashes the old password. How can I prevent this?

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

5reactions
thetutlagecommented, Mar 12, 2018

Yes, exactly as @webdevian said. You can check for $dirty fields.

UserHook.hashPassword = async (userInstance) => {
  if (userInstance.$dirty.password) {
    userInstance.password = await Hash.make(userInstance.$dirty.password)
  }
}
2reactions
marcelklehrcommented, Mar 17, 2018

I couldn’t find this in the docs

Read more comments on GitHub >

github_iconTop Results From Across the Web

security - Updating password hashing without forcing a new ...
I would suggest adding a new field, "hash_method", with perhaps a 1 to signify the old method and a 2 to signify the...
Read more >
PasswordHasher updating user information - Stack Overflow
So I am assuming the user data is used to hash the password and then to verify. But doesn't this mean I need...
Read more >
PHP Password Hashing tutorial (with examples)
In this tutorial I show you how to perform PHP password encryption. You will learn how to use password_hash() and password_verify(), ...
Read more >
PHP Native password hash – WordPress plugin
Passwords already hashed in the database will be rehashed automatically and transparently the next time the user logs in. PHP might come up...
Read more >
Password Hashing and Verification (Symfony Docs)
This means that if a better hash algorithm is supported on your system, the user's password should be rehashed using the newer algorithm...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Failed migrations are not rolled back

Next page

[RFC] Seeds behaviour