crypto/bcrypt: hashedSecret too short to be a bcrypted password #4
Description
user.go -> FindOne
actually not working properly.
It drops the error:
crypto/bcrypt: hashedSecret too short to be a bcrypted password
in function
errf := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
It's because of current User model doesn't save Password with correct size.
And actually when you check only bcrypt.ErrMismatchedHashAndPassword type of error,
it allow to go through authentication using any password.
If do edit for User model in Password field - CompareHashAndPassword works correct.
//User struct declaration
type User struct {
gorm.Model
Name string
Email string `gorm:"type:varchar(100);unique_index"`
Password string `gorm:"size:100" json:"Password"`
Role string `json:"Role"`
Rovers string `json:"Rovers"`
}