Symfony2自定义密码编码器和密码哈希更新
Symfony2自定义密码编码器和密码哈希更新
提问于 2013-04-07 17:43:03
我通过将wordpress博客移到Symfony来学习Symfony2。我被登录程序卡住了。Wordpress使用像$P$....这样的非标准密码散列,我希望在用户登录时和密码正确时检查用户的旧密码哈希值,然后将其重新散列到bcrypt。到目前为止,我创建了custome编码器类来使用symfony安全机制。
<?php
namespace Pkr\BlogUserBundle\Service\Encoder;
use PHPassLib\Application\Context;
use Symfony\Component\Security\Core\Encoder\BCryptPasswordEncoder;
use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
use Symfony\Component\Security\Core\Util\SecureRandom;
class WpTransitionalEncoder implements PasswordEncoderInterface
{
public function __construct($cost = 13)
{
$secure = new SecureRandom();
$this->_bcryptEncoder = new BCryptPasswordEncoder($secure, $cost);
}
public function isPasswordValid($encoded, $raw, $salt)
{
if (preg_match('^\$P\$', $encoded)) {
$context = new Context();
$context->addConfig('portable');
return $context->verify($raw, $encoded);
}
return $this->_bcryptEncoder->isPasswordValid($encoded, $raw, $salt);
}
public function encodePassword($raw, $salt)
{
return $this->_bcryptEncoder->encodePassword($raw, $salt);
}
}我把它当作服务:
#/src/Pkr/BlogUserBundle/Resources/config/services.yml
services:
pkr_blog_user.wp_transitional_encoder:
class: Pkr\BlogUserBundle\Service\Encoder\WpTransitionalEncoder在security.yml中:
#/app/config/security.yml
security:
encoders:
Pkr\BlogUserBoundle\Entity\User:
id: pkr_blog_user.wp_transitional_encoder
cost: 15我的问题是:
如何在security.yml**?**中将参数传递给编码器服务表单?
我这么问是因为cost: 15不起作用。
我应该把密码哈希更新逻辑放在哪里?我在想密码验证后的问题--就像这样:
public function isPasswordValid($encoded, $raw, $salt)
{
if (preg_match('^\$P\$', $encoded)) {
$context = new Context();
$context->addConfig('portable');
$isValid = $context->verify($raw, $encoded);
if ($isValid) {
// put logic here...
}
return $isValid;
}
return $this->_bcryptEncoder->isPasswordValid($encoded, $raw, $salt);
}但这似乎是个不合适的地方。那么正确的方法是什么呢?
回答 1
Stack Overflow用户
回答已采纳
发布于 2013-04-13 13:51:45
我自己回答问题。
我在config.yml中放置了编码器服务的参数
pkr_blog_user:
password_encoder:
cost: 17它们将传递给我的包扩展类:
# /src/Pkr/BlogUserBundle/DependencyInjection/PkrBlogUserExtension.php
namespace Pkr\BlogUserBundle\DependencyInjection;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
use Symfony\Component\DependencyInjection\Loader;
/**
* This is the class that loads and manages your bundle configuration
*
* To learn more see {@link http://symfony.com/doc/current/cookbook/bundles/extension.html}
*/
class PkrBlogUserExtension extends Extension
{
/**
* {@inheritDoc}
*/
public function load(array $configs, ContainerBuilder $container)
{
$configuration = new Configuration();
$config = $this->processConfiguration($configuration, $configs);
$loader = new Loader\YamlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
$loader->load('services.yml');
if ($config['password_encoder']['cost'] < 10) {
$config['password_encoder']['cost'] = sprintf('%02d', $config['password_encoder']['cost']);
}
$container->setParameter('pkr_blog_user.wp_transitional_encoder.cost', $config['password_encoder']['cost']);
}
}我发现我可以使用自己的身份验证成功处理程序,这样就有了一个放置密码重散逻辑的好地方。不幸的是,当使用自定义处理程序时,symfony2不会将配置传递给类构造函数,但我找到了一种使其工作的方法。我在这里描述过:
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/15865609
复制相关文章
相似问题
腾讯云开发者
