I am building an Expo App for IOS Phone. I have added login page which provides reset password mechanism. I have used Node.js program to reset the password and the new resetted password is saved as hash password using bcrypt (ex: $2b$05$cMUtC/1WHxzGNqDTJcCBJOf9i7D6ad57jKyYqChLF0Vvji1A2mzIq for Test123456) inside Mysql database. This is working well and good. Below is the node.js program:

users.js:

var express = require('express');
var router = express.Router();
var connection = require('../database.js');
var nodemailer = require('nodemailer');
var bcrypt = require('bcrypt');
var randtoken = require('rand-token');
//send email
function sendEmail(email, token) {
var email = email;
var token = token;
var mail = nodemailer.createTransport({
service: 'gmail',
auth: {
user: '*******@gmail.com', // Your email id
pass: '*******' // Your password
}
});
var mailOptions = {
from: 'abc@tech.com',
to: email,
subject: 'Reset Password Link - Tutsmake.com',
html: '<p>You requested for reset password, kindly use this <a 
href="http://localhost:4000/reset-password?token=' + token + '">link</a> to reset 
your password</p>'
 };
 mail.sendMail(mailOptions, function(error, info) {
 if (error) {
 console.log(1)
  } else {
  console.log(0)
  }
  });
   }
  /* home page */
  router.get('/', function(req, res, next) {
  res.render('index', {
  title: 'Forget Password Page'
  });
  });
  /* send reset password link in email */
  router.post('/reset-password-email', function(req, res, next) {
  var email = req.body.email;
   connection.query('SELECT * FROM JTGDB.UserInfo WHERE email ="' + email + '"', 
   function(err, result) {
   if (err) throw err;
   var type = ''
   var msg = ''
  console.log(result[0]);
  if (result[0].Email.length > 0) {
  var token = randtoken.generate(20);
  var sent = sendEmail(email, token);
  if (sent != '0') {
  var data = {
      token: token
  }
   connection.query('UPDATE JTGDB.UserInfo SET ? WHERE email ="' + email + '"', data, 
   function(err, result) {
   if(err) throw err
   })
   type = 'success';
    msg = 'The reset password link has been sent to your email address';
   } else {
   type = 'error';
    msg = 'Something goes to wrong. Please try again';
    }
    } else {
    console.log('2');
    type = 'error';
    msg = 'The Email is not registered with us';
    }
    req.flash(type, msg);
    res.redirect('/');
    });
    })
    /* reset page */
    router.get('/reset-password', function(req, res, next) {
    res.render('reset-password', {
    title: 'Reset Password Page',
     token: req.query.token
     });
     });
   /* update password to database */
  router.post('/update-password', function(req, res, next) {
  var token = req.body.token;
  var password = req.body.password;
  connection.query('SELECT * FROM JTGDB.UserInfo WHERE token ="' + token + '"', 
  function(err, result) {
  if (err) throw err;
  var type
  var msg
  if (result.length > 0) {
   var saltRounds = 5;
  bcrypt.genSalt(saltRounds, function(err, salt) {
  bcrypt.hash(password, salt, function(err, hash) {
  var data = {
  password: hash
  }
  connection.query('UPDATE JTGDB.UserInfo SET ? WHERE email ="' + result[0].Email + 
   '"', data, function(err, result) {
  if(err) throw err
  });
  });
  });
  type = 'success';
  msg = 'Your password has been updated successfully';
  } else {
  console.log('2');
  type = 'success';
  msg = 'Invalid link; please try again';
  }
  req.flash(type, msg);
  res.redirect('/');
  });
   })
  module.exports = router;

But in Expo App, I want to hash the password that we enter in the login page and compare with the database hash password and then let the user to log into the App.

I have added a post request in app.js to get password from expo app and convert to hash code and compare it with database password to let user log in.Below is the app.js code .

app.js:

var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var flash = require('express-flash');
var session = require('express-session');
var bodyParser = require('body-parser');
const createError = require('http-errors');
var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');
var bcrypt = require('bcrypt');
var app = express();


/* hash password from database to expo App  */
app.post('/hash-password', function(req, res, next) {
const password = req.body.password;
console.log('Password is '+password)
var saltRounds = 5;
 //var hash = bcrypt.hash(password, saltRounds);
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(password, salt, function(err, hash) {
var data = {
password: hash
}
console.log(data);
})
})
})

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({ 
secret: '********',
resave: false,
saveUninitialized: true,
cookie: { maxAge: 60000 }
}))

app.use(flash());
app.use('/', usersRouter);

// catch 404 and forward to error handler
app.use(function(req, res, next) {
next(createError(404));
});

// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : 
{};

// render the error page
res.status(err.status || 500);
 res.render('error');
});

 app.listen(4000, function () {
 console.log('Node app is running on port 4000');
  });

 module.exports = app;

I checked the code by sending password from postman ,but I am getting the below error: