Symfony 2-不使用bcrypt认证用户
[英]Symfony 2 - not authenticating user using bcrypt
问题描述
I add a user to the database. 
我将一个用户添加到数据库中。
I encode their password using bcrypt encryption: 我使用bcrypt加密对他们的密码进行编码:
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
$password = $encoder->encodePassword($user->getPassword(),$user->getSalt());
$postData->setPassword($password);
This all persists to the database just fine. 所有这些都可以持久保存到数据库中。
On my User Entity my getSalt() method returns null: 在我的用户实体上,我的getSalt()方法返回null:
public function getSalt(){
return null;
}
Now when I try to authenticate the symfony logs tells me that I am entering bad credentials. 现在,当我尝试对symfony日志进行身份验证时,会告诉我我输入的凭据不正确。
However... 然而...
If i use this site to encrypt my password with bcrypt: 如果我使用此站点通过bcrypt加密密码:
http://bcrypthashgenerator.apphb.com/ http://bcrypthashgenerator.apphb.com/
Then enter the result into the database manually and try and authenticate with the users password i have updated with the results from the above link, It works fine. 然后将结果手动输入数据库,并尝试使用我用上述链接中的结果更新的用户密码进行身份验证,效果很好。
So there is something I have not set, that when I am encrypting the password that symfony cannot authenticate against it. 因此,我没有设置某些东西,当我加密symfony无法对其进行身份验证的密码时。
I have tried the setting a salt on the getSalt(), setting it to an empty string. 我试过在getSalt()上设置盐,将其设置为空字符串。
EDIT I am using php 5.5.9 编辑我正在使用PHP 5.5.9
I have also tried using the BCryptPasswordEncoder($cost) class, setting the cost on the __construct the same as what's in my security.yml and it still does not authenticate. 我也尝试过使用BCryptPasswordEncoder($ cost)类,将__construct上的费用设置为与security.yml中的相同,并且仍然无法进行身份验证。
EDIT I have also tried installing this class via composer to as suggested here . 编辑我也试图通过安装此作曲类的建议在这里 。
EDIT 编辑
If I use the php method: 如果我使用php方法:
password_hash('testertester',PASSWORD_BCRYPT,array('cost'=>13));
It authenticates perfectly. 它完美认证。
So its something to do deeper in Symfony. 因此,它在Symfony中有更深的意义。 I'll keep digging. 我会继续挖掘。
Still no luck :-/ 还是没有运气:-/
I am scouring the web to no avail so far. 到目前为止,我一直在搜索网上无济于事。
Any help would be greatly appreciated. 任何帮助将不胜感激。
Ad 广告
1 个解决方案
解决方案1
0 已采纳 2015-02-19 22:32:47
I was passing in the existing entity object not the submitted data object!! 我传递的是现有实体对象而不是提交的数据对象!
$postData = $form->getdata();
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
$password = $encoder->encodePassword($user->getPassword(),$user->getSalt());
$postData->setPassword($password);
Note this line here: 在这里注意这一行:
$user->getPassword() needed to be $postData->getPassword() $ user-> getPassword()必须是$ postData-> getPassword()
$password = $encoder->encodePassword($postData->getPassword(),$user->getSalt());
You live and learn ay! 你生活和学习!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.