Symfony2自定义密码编码器(bcrypt) [英] Symfony2 custom Password Encoder (bcrypt)
问题描述
我已经编写了实现PasswordEncoderInterface
的密码编码器:
I've written my own password encoder which implements the PasswordEncoderInterface
:
class BCryptPasswordEncoder implements PasswordEncoderInterface {
protected $encoder;
public function __construct(BCryptEncoder $encoder) {
$this->encoder = $encoder;
}
public function encodePassword($raw, $salt) {
return $this->encoder->encodeString($raw, $salt);
}
public function isPasswordValid($encoded, $raw, $salt) {
return $this->encoder->encodeString($raw, $salt) == $encoded;
}
}
编码器已注册为ID为bcrypt.password.encoder
的服务.但是我不知道如何告诉symfony用户.
当前app/config/security.yml
看起来像这样:
The encoder is registered as a service with the id bcrypt.password.encoder
. But I don't know, how to tell symfony to user it.
Currently the app/config/security.yml
looks like this:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
neo4j:
id: security.user.provider.neo4j
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
provider: neo4j
pattern: ^/.*
form_login:
check_path: /login_check
login_path: /login
logout:
path: /logout
target: /
anonymous: ~
access_control:
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/.*, role: ROLE_ADMIN }
顺便说一句,我没有使用任何教义实体.
Btw I'm not using any doctrine entities.
编辑:Symfony\Component\Security\Core\User\User
是我的UserObject.我对security.yml
做了一些修改:
Edit: Symfony\Component\Security\Core\User\User
is my UserObject. I modified the security.yml
a bit:
encoders:
Symfony\Component\Security\Core\User\User:
id: bcrypt.password.encoder
这将导致致命错误:
Catchable Fatal Error: Argument 1 passed to EMC3\Bundle\UserBundle\Neo4jUserProvider::__construct() must be an instance of EMC3\Bundle\UserBundle\UserManager, instance of EMC3\Bundle\UserBundle\BCryptEncoder given, called in /var/www/emc3/app/cache/dev/appDevDebugProjectContainer.php on line 227 and defined in /var/www/emc3/src/EMC3/Bundle/UserBundle/Neo4jUserProvider.php line 29
这对我没有任何意义.
推荐答案
截至2011年11月,在Symfony 2.2之前,尚无直接支持.
As of November 2011, before Symfony 2.2, this is not directly supported.
我建议您使用我写的 Blowfish密码编码器捆绑包(ElnurBlowfishPasswordEncoderBundle
),而不是重新发明轮子,它可以解决相同的问题.或者,至少,您可以看到它是如何实现的.
Instead of reinventing the wheel, I suggest you to use the Blowfish Password Encoder bundle I wrote (ElnurBlowfishPasswordEncoderBundle
), which solves the same problem. Or, at least, you can see how it's implemented.
如果您使用的是Symfony 2.2或更高版本,请有关配置的信息,请参见Seldaek的答案说明.
If you're using Symfony 2.2 or later, see Seldaek's answer for configuration instructions.
这篇关于Symfony2自定义密码编码器(bcrypt)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!