🐞 Bug Report: Scrypt password verification fails in production after upgrading to NuxtHub 0.10.* on Cloudflare

[mrkaashee]

Password verification with scrypt fails in production after upgrading to NuxtHub 0.10.* (self-hosted on Cloudflare). Verification returns false in production while working correctly in local development. This worked fine before the upgrade.

Timeline:

• ✅ Before NuxtHub 0.10.*: Password verification working on Cloudflare
• ❌ After NuxtHub 0.10.*: Password verification fails on Cloudflare
• ✅ Local development: Still works with same code

Demo Test Results:

Local Development (Working):

{
  "env": {
    "runtimePassword": true,
    "envPassword": true,
    "runtimePasswordLength": 64,
    "envPasswordLength": 64,
    "runtimePasswordFirst10": "b20cdc51db...",
    "envPasswordFirst10": "b20cdc51db...",
    "passwordsMatch": true
  },
  "test": {
    "password": "test_password_123",
    "hashed": "$scrypt$n=4096,r=8,p=1$+k9xuB+I5F721jgsXwgDWg$/9PmZvto+/9VMH5f1hkRS8ro6dTcgQYGtVUk7ivJokfD9AGMYfXqF+Gl0pX3M88h3J+r9otjmsXBVkHqqMGJ0A",
    "verifySuccess": true,
    "verifyError": null
  }
}

Production Cloudflare (Failing):

{
  "env": {
    "runtimePassword": true,
    "envPassword": true,
    "runtimePasswordLength": 64,
    "envPasswordLength": 64,
    "runtimePasswordFirst10": "b20cdc51db...",
    "envPasswordFirst10": "b20cdc51db...",
    "passwordsMatch": true
  },
  "test": {
    "password": "test_password_123",
    "hashed": "$scrypt$n=4096,r=8,p=1$5WeNlLN/bmDBQXmpY/DB+A$EtxwxX0G8fQjAOPggUY3pr2IGG+JgF3wU8GDKPuVxNE1le+zAgof5i6LYGHXlAT/3c0SmziuPS2AjgKUwgogtQ",
    "verifySuccess": false,
    "verifyError": null
  }
}

Key Observations:

1. Hashing succeeds in both environments
2. Verification fails silently (verifySuccess: false) in production only
3. No errors thrown - makes debugging difficult

Test Code Used:

// Update your test endpoint to check more details
export default eventHandler(async event => {
  const config = useRuntimeConfig(event)

  // Check both runtime config and environment variables
  const runtimePassword = config.session?.password
  const envPassword = process.env.NUXT_SESSION_PASSWORD

  const results = {
    env: {
      runtimePassword: !!runtimePassword,
      envPassword: !!envPassword,
      runtimePasswordLength: runtimePassword?.length || 0,
      envPasswordLength: envPassword?.length || 0,
      runtimePasswordFirst10: runtimePassword?.substring(0, 10) + '...',
      envPasswordFirst10: envPassword?.substring(0, 10) + '...',
      passwordsMatch: runtimePassword === envPassword
    },
    test: {
      password: 'test_password_123',
      hashed: null,
      verifySuccess: null,
      verifyError: null
    }
  }

  try {
    // Log the actual hash operation
    results.test.hashed = await hashPassword(results.test.password)
    console.log('Generated hash:', results.test.hashed)

    // Try verification
    results.test.verifySuccess = await verifyPassword(results.test.hashed, results.test.password)
  }
  catch (e: any) {
    results.test.verifyError = e.message
    console.error('Verify error:', e)
  }

  return results
})

Environment

Operating system	Windows 10.0.26200
CPU	13th Gen Intel(R) Core(TM) i7-13700H (20 cores)
Node.js version	v24.11.1
nuxt/cli version	3.31.1
Package manager	npm@11.6.2
Nuxt version	4.2.2
Nitro version	2.12.9
Builder	vite@7.2.7
Config	auth, compatibilityDate, css, devtools, eslint, experimental, future, hub, modules, ui
Modules	@nuxt/eslint@1.12.1, @nuxt/ui@4.2.1, @nuxthub/core@0.10.1, @nuxt/image@2.0.0, nuxt-auth-utils@0.5.26, @nuxt/hints@1.0.0-alpha.3

[clifordpereira]

I am facing this exact issue as well with nuxt-auth-utils + Cloudflare. Everything works perfectly in local development, but password verification strictly fails in the deployed environment (Cloudflare Workers).

I was able to work around this by replacing the built-in hashPassword/verifyPassword with bcryptjs, while still keeping nuxt-auth-utils for the session management parts.

Workaround implementation:

• Installed bcryptjs and @types/bcryptjs.
• Created a custom hashing utility:

import bcrypt from 'bcryptjs'

export const hashUserPassword = (password: string) => {
  return bcrypt.hashSync(password, 10)
}

export const verifyUserPassword = (password: string, hashedPassword: string) => {
  return bcrypt.compareSync(password, hashedPassword)
}

• Updated my auth endpoints (login/register) to use these functions instead of the ones from #auth-utils.

This bypasses the issue entirely and is working stably in production for me now.

[kamilmedrala]

Same issue on my side, @clifordpereira 's solution is good but only for new projects. I already have old passwords hashed with scrypt on production db so that won't work unfortunately (correct me if I'm wrong). Any ideas what might have changed?

[clifordpereira]

@kamilmedrala

Can existing users still log in using their current scrypt hashes?

If the issue affects only new users, one approach is to:

Use the new algorithm (e.g. bcrypt) for new users.

For existing users, on a successful login, re-hash the password with the new algorithm and update the stored hash.

This allows a gradual, backward-compatible migration without forcing password resets.

What might have changed?

As you might know, the local environment runs on Node.js, while Cloudflare Workers run on V8 isolates with a WebCrypto-based runtime.

This runtime difference strongly suggests that the issue is related to WebCrypto or crypto polyfill behavior rather than application logic, though I’m not 100% certain.

[rootasjey]

Same issue here.
I've found a workaround that does not require re-hashing old passwords while allowing all users to login.

I've installed @noble/hashes version 2.0.1
In server/utils/password.ts:

password.ts

import { scrypt } from '@noble/hashes/scrypt.js'

const SCRYPT_PARAMS = {
  N: 16384,
  r: 8,
  p: 1,
  dkLen: 64,
}

const SALT_LENGTH = 16

function getSalt(): Uint8Array {
  const salt = new Uint8Array(SALT_LENGTH)
  crypto.getRandomValues(salt)
  return salt
}

function toBase64(data: Uint8Array): string {
  if (typeof Buffer !== 'undefined') {
    return Buffer.from(data).toString('base64')
  }
  let binary = ''
  for (const byte of data) binary += String.fromCharCode(byte)
  return btoa(binary)
}

function fromBase64(value: string): Uint8Array {
  if (typeof Buffer !== 'undefined') {
    return new Uint8Array(Buffer.from(value, 'base64'))
  }
  const binary = atob(value)
  const bytes = new Uint8Array(binary.length)
  for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i)
  return bytes
}

function timingSafeEqual(a: Uint8Array, b: Uint8Array): boolean {
  if (a.length !== b.length) return false
  let diff = 0
  for (let i = 0; i < a.length; i++) {
    const ai = a[i] ?? 0
    const bi = b[i] ?? 0
    diff |= ai ^ bi
  }
  return diff === 0
}

function parsePhc(value: string) {
  const parts = value.split('$')
  const [, algorithm, paramStr = '', saltPart = '', hashPart = ''] = parts
  if (parts.length !== 5 || algorithm !== 'scrypt') {
    throw new Error('Invalid scrypt hash format')
  }

  const params = paramStr.split(',').reduce<Record<string, number>>((acc, entry) => {
    const [k, v] = entry.split('=')
    if (!k || v === undefined) return acc
    acc[k] = Number(v)
    return acc
  }, {})

  return {
    params,
    salt: fromBase64(saltPart),
    hash: fromBase64(hashPart),
  }
}

export async function hashPasswordWorker(plain: string): Promise<string> {
  const salt = getSalt()
  const encoded = typeof plain === 'string' ? new TextEncoder().encode(plain) : new Uint8Array()
  const derived = await scrypt(encoded, salt, SCRYPT_PARAMS)
  return `$scrypt$n=${SCRYPT_PARAMS.N},r=${SCRYPT_PARAMS.r},p=${SCRYPT_PARAMS.p}$${toBase64(salt)}$${toBase64(derived)}`
}

export async function verifyPasswordWorker(hashedPassword: string, plain: string): Promise<boolean> {
  try {
    const { params, salt, hash } = parsePhc(hashedPassword)
    const encoded = typeof plain === 'string' ? new TextEncoder().encode(plain) : new Uint8Array()
    const derived = await scrypt(encoded, salt, {
      N: Number(params.n) || SCRYPT_PARAMS.N,
      r: Number(params.r) || SCRYPT_PARAMS.r,
      p: Number(params.p) || SCRYPT_PARAMS.p,
      dkLen: hash.length || SCRYPT_PARAMS.dkLen,
    })
    return timingSafeEqual(hash, derived)
  } catch {
    return false
  }
}

Then in my server/api/auth/login.post.ts:

login.post.ts

import { z } from 'zod'
import { db, schema } from 'hub:db'
import { eq, sql } from 'drizzle-orm'
import { verifyPasswordWorker } from '~~/server/utils/password'

const bodySchema = z.object({
  email: z.email(),
  password: z.string().min(8)
})

export default defineEventHandler(async (event) => {
  const { email: rawEmail, password } = await readValidatedBody(event, bodySchema.parse)
  const email = normalizeEmail(rawEmail)

  try {
    const userData = await db
      .select({
        id: schema.users.id,
        email: schema.users.email,
        password: schema.users.password,
      })
      .from(schema.users)
      .where(eq(sql`lower(${schema.users.email})`, email))
      .limit(1)
      .then(rows => rows[0] ?? null)

    if (!userData) {
      throw createError({
        statusCode: 401,
        message: 'Invalid email or password'
      })
    }

    const isValidPassword = await verifyPasswordWorker(userData.password, password)

    if (!isValidPassword) {
      throw createError({
        statusCode: 401,
        message: 'Invalid email or password'
      })
    }
    
    // ...
  } catch (error: any) {
    // ...
})