如何在symfony中添加带有bcrypt密码加密的管理员?
[英]How to add an administrator with bcrypt password encryption in symfony?
问题描述
I've encountered a "strange" issue while developing a website using symfony 2.6. 
我在使用symfony 2.6开发网站时遇到了一个“奇怪”的问题。 I've already setup all the security stuff, including password encryption on registration (with bcrypt) to User and Admin entities. 我已经设置了所有安全性的东西,包括注册时的密码加密(使用bcrypt)给User和Admin实体。 Now I want to add an admin and a user to try if my login engine works well, but obviously I cannot register a new user/admin with my website because of the security engine (ie i cannot access to the addUser page, because there's not an admin registered). 现在我想添加一个管理员和一个用户来尝试我的登录引擎是否运行良好,但显然由于安全引擎我无法在我的网站上注册一个新的用户/管理员(即我无法访问addUser页面,因为没有管理员注册)。 I tried to create an admin directly from phpMyAdmin console but, at the moment when I put the admin's password, it is saved as plaintext (differently from the registration phase in my engine, that stores encrypted passwords), so the login fails. 我试图直接从phpMyAdmin控制台创建一个管理员但是,在我输入管理员密码的那一刻,它被保存为明文(与我的引擎中存储加密密码的注册阶段不同),因此登录失败。
So, how can i solve this issue? 那么,我该如何解决这个问题呢?
Hope all of you understood this, otherwise feel free to ask! 希望大家都明白这一点,否则随便问一下!
Thanks in advance, Panc 提前谢谢,Panc
3 个解决方案
解决方案1
4 已采纳 2015-01-22 10:57:37
Ok, so I have found this great and simple tutorial that explains weel how to "autogenerate" a user using Doctrine's Fixtures, in which there's a method called "load" that simply does the following: 好的,所以我找到了这个非常简单的教程 ,解释了如何使用Doctrine的Fixtures“自动生成”用户,其中有一个名为“load”的方法,它只是执行以下操作:
public function load(ObjectManager $manager)
{
$user = new User();
$user->setUsername("someuser");
$user->setSalt(md5(uniqid()));
$encoder = $this->container->get('security.encoder_factory')->getEncoder($user);
$user->setPassword($encoder->encodePassword('blue', $user->getSalt()));
$user->setEmail("someuser@mail.ca");
$manager->persist($user);
$manager->flush();
}
Also Thanks to @acontell to his response. 还要感谢@acontell对他的回复。 Maybe my solution will help you in future. 也许我的解决方案将来会帮助你。 :) :)
解决方案2
2 2015-01-21 18:58:05
Use any webpage that generates bcrypt passwords such as this one . 使用产生bcrypt的密码,如本网页的任何一个 。 Generate the password and store it encrypted in your database. 生成密码并将其加密存储在数据库中。 Login using the user you created and the pass (obviously, the non-encrypted version of it). 使用您创建的用户和通行证(显然是非加密版本)登录。
It should work. 它应该工作。
解决方案3
2 2018-01-06 11:33:05
Symfony 3 ships a very useful command for this: security:encode-password Symfony 3为此提供了一个非常有用的命令: security:encode-password
The security:encode-password command encodes passwords according to your security configuration.
php ./bin/console security:encode-password --no-interaction _password_ "App\\Entity\\User"
Give 给
------------------ ----------------------------------------------------------------------
Key Value
------------------ ----------------------------------------------------------------------
Encoder used Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder
Encoded password 94H61KiSMDm60HL63z+s8AxLUTqwVv8aoKshC3X1q5A=
Generated salt tyPR/b4ussonYznhJ/bgtlTKSerBznRcNEPgSNmW
------------------ ----------------------------------------------------------------------
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.