I am working on a password reset feature in a Node.js/Express application using Sequelize and the crypto module to hash passwords. When I send a POST request to my /reset-password endpoint, I get the following error:
Error in resetPassword: The "data" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received undefined.
Here's the relevant code for the resetPassword function:
import crypto from "crypto";
import { User } from "../models/user.js"; // Sequelize model
import { Op } from "sequelize";
import logger from "../utils/logger.js";
export const resetPassword = async (req, res) => {
try {
const { token, password } = req.body;
// Find user by reset token
const user = await User.findOne({
where: {
reset_token: token,
reset_token_expires: { [Op.gt]: new Date() },
},
});
if (!user) {
return res.status(400).json({ message: "Invalid or expired reset token" });
}
// Hash new password
const hashedPassword = crypto
.createHash("sha256")
.update(password)
.digest("hex");
// Update user password and clear reset token
await user.update({
password: hashedPassword,
reset_token: null,
reset_token_expires: null,
});
res.status(200).json({ message: "Password reset successful" });
} catch (error) {
logger.error("Error in resetPassword:", error);
res.status(500).json({ message: "Error resetting password" });
}
};
Additional info: Node.js version: 18.x Express version: 4.x Sequelize version: 6.x
The error indicates that the password variable in the resetPassword function is undefined, causing the crypto.createHash("sha256").update(password) call to fail. This is because the crypto.update() method expects a string, Buffer, TypedArray, or DataView, but it's receving undefined.