FOSUserBundle强制用户输入其他密码 [英] FOSUserBundle force user to write a different password

问题描述

我有一个使用FOSUSerBundle在Symfony2.0上运行的应用程序. 连接该应用程序的用户每3个月必须更改一次它的密码，该密码就位并且可以正常工作.

I have an application running on Symfony2.0 with FOSUSerBundle. Every 3 months a user who connect the application have to change its password, it's in place and it's working.

今天每3个月，如果用户使用与前一个相同的新密码来编写密码，则不会进行验证，并且可以再使用3个月.

Today every 3 months if the user write as new password the same as the previous one there is no verification and he can use it 3 more months.

我想对密码重置添加一个限制，并强制用户提供与上一个密码不同的密码. 我不知道该怎么做.我试图创建一个验证器，但是验证器中没有用户ID ...

I would like to add a constraints on the password reset and force the user to give a different password from the previous one. I have no idea how to do this. I tried to create a validator but i don't have my user ID in the validator...

有任何线索吗?

推荐答案

我找到了一个解决方案，它可以正常工作，但仍然存在一个小问题:当我提交新密码时，如果尝试输入与上一个密码相同的密码一，我的表单无效(太好了！)，但是我正在使用时，我的树枝没有显示错误消息:

I found a solution, It's working but I still have a small issue : when i submit my new password, if i try to put the same password as the previous one, my form is not valid (that's great !), but the error message is not shown by my twig whereas I'm using :

{{ form_widget(edit_form) }}

知道为什么吗?

无论如何，这是我的解决方案:

Anyway here is my solution :

我在课程级别添加了一个验证器以验证密码.为此，我在User类上添加了一个验证器:

I added a validator on the class level to verify the password. To do so, i added a validator on my User class :

// \src\Acme\UserBundle\Resources\config\validation.xml
<class name="Acme\UserBundle\Entity\User">
    <constraint name="Acme\UserBundle\Validator\Constraints\IsDifferentPassword">
        <option name="message">Password has to be different from the previous one</option>
    </constraint>
    <property name="plainPassword">
        <constraint name="NotBlank">
            <option name="message">fos_user.password.blank</option>
        </constraint>
    </property>
</class>

我在班级创建了一个验证器:

And i created a validator on the class level :

// \src\Acme\UserBundle\Validator\Constraints\IsDifferentPassword.php

namespace Acme\UserBundle\Validator\Constraints;

use Symfony\Component\Validator\Constraint;

/**
 * @Annotation
 */
class IsDifferentPassword extends Constraint
{
    public $message = 'Password has to be different from the previous one';

    public function getTargets()
    {
        return Constraint::CLASS_CONSTRAINT;
    }
}

然后:

// \src\Acme\UserBundle\Validator\Constraints\IsDifferentPasswordValidator.php

namespace Acme\UserBundle\Validator\Constraints;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;

class IsDifferentPasswordValidator extends ConstraintValidator
{
    public function isValid($value, Constraint $constraint)
    {
        $encoder = new MessageDigestPasswordEncoder();
        $password = $encoder->encodePassword($value->getPlainPassword(), $value->getSalt());
        $oldPassword = $value->getPassword();
        if($password == $oldPassword){
            return false;
        }
        return true;
    }
}

这篇关于FOSUserBundle强制用户输入其他密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！