Function comparePassword

comparePassword(password: string, hash: string): Promise<boolean>
Compare plaintext password with bcrypt hash

Securely compares a plaintext password against a bcrypt hash to verify user credentials during authentication. Uses bcrypt's built-in comparison function which handles timing-safe comparison to prevent timing attacks.

This function is essential for user login operations where stored password hashes need to be verified against user-provided plaintext passwords. The comparison is cryptographically secure and resistant to timing attacks.
Parameters
- password: string
  Plaintext password to verify
- hash: string
  Bcrypt hash to compare against
Returns Promise<boolean>
Promise resolving to true if password matches hash, false otherwise
Example
```
// Verify user password during login
const isValidPassword = await comparePassword(
  'userPassword123!',
  '$2b$12$...' // stored hash from database
);

if (isValidPassword) {
  console.log('Authentication successful');
} else {
  console.log('Invalid credentials');
}
```
Example
```
// Usage in authentication service
const user = await getUserByEmail(email);
const isValid = await comparePassword(password, user.passwordHash);
if (!isValid) {
  throw new Error('Invalid credentials');
}
```
- Defined in src/shared/utils/auth.ts:404