I am making a simple login page using Node.js for back-end stuff and passport for authentication. To me all my code looks good and it looks like it should work. I even put it into chatGPT and it couldn't find any problems, either. No matter the input for the login page, even if it is correct, I get redirected to the failureRedirect page. I know the passwords and emails are correct, even though they are hashed and salted, because I make them extremely simple 3 character passwords for testing purposes. I even seen the hashed password in my DB.
My approach to the problem is taking the submitted input from the user and salting it then hashing it, and storing it to the DB. Then I used the local passport strategy to handle the authentication process by comparing the form input to the user input and if it matches the user will be redirected to a certain page and if not they will be redirected to another page, just for testing purposes. I will include relevant code below to give you a better idea of how I approached this problem.
//my User model, exported correctlyconst UserSchema = new Schema({ firstName: {type: String, required: true}, lastName: {type: String, required: true}, email: {type: String, required: true}, password: {type: String, required: true}, posts: {type: Schema.Types.ObjectId, ref: "Post"}})// password hashing code & user creationasyncHandler(async (req, res, next) => { try { // Hash the password const hashedPassword = await bcrypt.hash(req.body.password, 10); // Check if user with the provided email already exists const existingUser = await User.findOne({ email: req.body.email }).exec(); if (existingUser) { return res.status(400).send('Email already exists. Please use a different one.'); } // Create new user const user = new User({ firstName: req.body.firstName, lastName: req.body.lastName, email: req.body.email, password: hashedPassword // Use the hashed password }); await user.save(); // Redirect after successful registration res.redirect("/"); } catch (err) { next(err); }});// snippet of my authentication function configurePassport(passport) { passport.use(new LocalStrategy( async (email, password, done) => { try { const user = await User.findOne({ email: email }) if (!user) { //usernames do not match! return done(null, false, { message: "Incorrect username" }) }; const match = await bcrypt.compare(password, user.password) if (!match) { // passwords do not match! return done(null, false, { message: "Incorrect password" }) } return done(null, user); } catch(err) { return done(err); }; }));} h1= title if user h1 Welcome back #{user.firstName} else form(action="/", method="post") input(type="email", name="email", placeholder="email") input(type="password", name="password", placeholder="password") button(type="submit") Log In a(href="/register") Register Nowpassport.authenticate("local", { successRedirect: "/", failureRedirect: "/register"});So I have included my code for my Schema initialization, user creation and password hashing, the user authentication, and even my login form using pug with the passport.authenticate code. I have tried almost everything and I am not sure where I am going wrong. This is such a simple app that I feel like it has to be something simple. Also the configurePassword function is imported and called in my main app as configurePassword(passport).