FOSUserBundle password hashing upgrade on password changes
-- One-time data migration: tag every existing row as hashed with the legacy
-- SHA-512 encoder. Run it exactly once, when the password_encoder column is
-- introduced and before any password is re-hashed. A NULL value means "use the
-- default encoder", so re-running this statement later would relabel hashes
-- that were already upgraded and those accounts could no longer log in.
-- NOTE(review): the User entity published alongside this statement maps to
-- table "users"; confirm the table and column names against the real schema.
UPDATE fos_user SET password_encoder = 'legacy_sha512';
<?php | |
namespace Incenteev\WebBundle\Util; | |
use FOS\UserBundle\Model\UserInterface; | |
use FOS\UserBundle\Util\PasswordUpdaterInterface; | |
use Incenteev\WebBundle\Entity\User; | |
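/**
 * Decorates a FOSUserBundle password updater so that setting a new password
 * also moves the account off its legacy hashing algorithm.
 *
 * The upgrade is opportunistic: it only happens when a plain password is
 * present on the user object. Accounts whose password is never changed keep
 * their legacy hash and their legacy encoder name.
 */
class PasswordHashUpgrader implements PasswordUpdaterInterface
{
    /**
     * The decorated updater that performs the actual hashing.
     *
     * @var PasswordUpdaterInterface
     */
    private $updater;

    /**
     * @param PasswordUpdaterInterface $updater Inner updater to delegate to.
     */
    public function __construct(PasswordUpdaterInterface $updater)
    {
        $this->updater = $updater;
    }

    /**
     * Clears the user's legacy encoder marker when a plain password is set,
     * then delegates hashing to the decorated updater.
     *
     * @param UserInterface $user
     */
    public function hashPassword(UserInterface $user)
    {
        // Cast before comparing: getPlainPassword() may return null, and
        // passing null to strlen() is deprecated since PHP 8.1. The cast keeps
        // the original "non-empty plain password" semantics ("0" still counts).
        if ($user instanceof User && '' !== (string) $user->getPlainPassword()) {
            // The marker is reset before delegating so the new hash is tied to
            // the default encoder. Without a plain password nothing is
            // re-hashed, so the marker must stay: it is what tells the
            // application which algorithm the stored hash uses.
            // NOTE(review): this assumes the inner updater resolves the encoder
            // from the user after this call; confirm against its implementation.
            $user->resetPasswordEncoder();
        }

        $this->updater->hashPassword($user);
    }
}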
security:
    encoders:
        # Default encoder for the user class: used for every user whose
        # "passwordEncoder" property is null.
        FOS\UserBundle\Model\User: bcrypt

        # Legacy hashing algorithms still used by existing hashes in the project.
        # User objects hashed with one of these have the "passwordEncoder"
        # property set to the corresponding identifier.
        # User objects with "null" as "passwordEncoder" use the default encoder
        # for this class, which is configured above.
        # NOTE(review): the short form relies on the encoder's default options.
        # If the legacy hashes were produced with non-default settings, spell
        # them out here, otherwise existing passwords will stop verifying.
        legacy_sha512: sha512
<?php | |
namespace Incenteev\WebBundle\Entity; | |
use Doctrine\ORM\Mapping as ORM; | |
use FOS\UserBundle\Model\User as BaseUser; | |
use Gedmo\Mapping\Annotation as Gedmo; | |
use Incenteev\WebBundle\Validator as IncenteevAssert; | |
use Symfony\Component\Security\Core\Encoder\EncoderAwareInterface; | |
use Symfony\Component\Validator\Constraints as Assert; | |
/**
 * Application user that records which security encoder its stored password
 * hash was produced with.
 *
 * @ORM\Table(name="users")
 * @ORM\Entity()
 */
class User extends BaseUser implements EncoderAwareInterface
{
    /**
     * @var int
     *
     * @ORM\Column(name="id", type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * Identifier of the encoder matching the stored hash, or null when the
     * default encoder configured for this class applies.
     *
     * @var string|null
     *
     * @ORM\Column(type="string", length=255, nullable=true)
     */
    private $passwordEncoder;

    /**
     * Drops the legacy encoder marker so the default encoder is used.
     *
     * Only call this when the password is re-hashed in the same operation:
     * clearing the marker while the old hash is still stored leaves a hash
     * that no longer matches the encoder selected for the user.
     */
    public function resetPasswordEncoder()
    {
        $this->passwordEncoder = null;
    }

    /**
     * Returns the stored encoder identifier.
     *
     * @return string|null null selects the default encoder for this class
     */
    public function getEncoderName()
    {
        return $this->passwordEncoder;
    }
}