Keep getting invalid credentials when login nodejs

Hi!
I am fairly new to node.js and trying to get my login credentials from the database, I can successfully get login credentials from the database but when I call it from my server.js file, I keep getting Invalid credentials even though they are the right credentials. I will appreciate if a fresh eyes could look into this and point out what I am doing wrong. Using Postgres DB

app.post('/api/login', async (req, res) => {
  try {
    const loginCredentials = {
      email: req.body.email,
      password: req.body.password
    }

    if (loginCredentials.email === '' && loginCredentials.password === '') {
      return res.status(500).send('Email and Password required')
    }
    if (loginCredentials.email === '' || loginCredentials.password === '') {
      return res.status(500).send('Email and Password required')
    }
    if (loginCredentials.email && loginCredentials.password ) {
      // getting credentials from db.login
      const result = await db.login(loginCredentials.email, loginCredentials.password)
      console.log('* ' + result)
      if (result) {
        res.status(200).send("Success")
      } else {
        res.status(401).send("Invalid Credentials")
      }
    }
  } catch (e) {
    throw e
  }

and here is my db.login method

async function login(email, password) {
  console.debug("login db")
  const query = `SELECT *
                 FROM users
                 WHERE email = $1`
  const client = await pool.connect()
  try {
    await client.query(query, [email], async function (err, result) {
      if (err) {
        throw err
      }
      console.debug('hash: ' + result.rows[0].hash)
      console.debug('pass: ' + password)

      if (result.rows.length > 0) {
        const user = result.rows[0]
        //role = user.role
        const validPassword =  bcrypt.compare(password, user.hash)
        if (!validPassword){
          console.log('Invalid Credentials')
          return 'Invalid Credentials'
        }else {
          console.debug('success')
          return user
        }
      } else {
        return 'No user in the DB'
      }
    
    })
  } catch (e) {
    throw e
  }
}

Thank u

looks familar.myself i tried regerstering with a trusted company every time i entered my phone # it would vanish .true story ,needless to say i gave up .its been a long time of dealing with issuies fro a-z on my phone

  • List item will not allow ummmmm