堆栈内存溢出
  简体   繁体   English

Symfony2-登录检查密码

[英]Symfony2 - Login check password

 原文  2016-10-21 11:07:49       php/ symfony

问题描述

I have a custom user provider in which I retrieve the password from a database. 我有一个自定义用户提供程序,可在其中从数据库中检索密码。 This password is based on a text+username . 该密码基于text+username

In Symfony login_check process, I'd like that the password field equals to the input text in this password field + the input text in the username field , and not only based on the input text in the password field. Symfony login_check流程中,我希望密码字段等于此password field的输入文本+ username field login_check password field的输入文本,而不仅仅是基于密码字段中的输入文本。

Is there a way to do that ? 有没有办法做到这一点 ?

In short, I'd like to force symfony to check if password defined in the User Provider equals to _password field + _username field 简而言之,我想强制symfony检查在用户提供程序中定义的密码是否等于_password字段+ _username字段

1 个解决方案

解决方案1
 1  2016-10-21 17:53:06

Todo that you will need to also right a custom authentication provider. 为此,您还需要纠正自定义身份验证提供程序。 You can look through the doc here to do that: 您可以在此处查看文档以完成此操作:

http://symfony.com/doc/current/security/custom_authentication_provider.html http://symfony.com/doc/current/security/custom_authentication_provider.html

Basically clone the default one and add your changes to the password checker. 基本上克隆默认密码,然后将更改添加到密码检查器中。

You may also be able to accomplish it by doing as the custom user provider docs suggest: 您也可以按照自定义用户提供程序文档的建议完成此操作:

If your external users have their passwords salted via a different method, then you'll need to do a bit more work so that Symfony properly encodes the password. 如果您的外部用户使用不同的方法加密了密码,则您需要做更多的工作,以使Symfony正确地编码密码。 That is beyond the scope of this entry, but would include sub-classing MessageDigestPasswordEncoder and overriding the mergePasswordAndSalt method. 这超出了本条目的范围,但将包括对MessageDigestPasswordEncoder进行子类化,以及重写mergePasswordAndSalt方法。

http://symfony.com/doc/current/security/custom_provider.html http://symfony.com/doc/current/security/custom_provider.html

It seems like you may be using the username field as a salt of sorts so that may be simpler to accomplish then writing a full custom authentication 似乎您可能将用户名字段用作某种形式的盐,这样在编写完整的自定义身份验证后可能更容易完成

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用md5密码登录Symfony2 - Symfony2 login with md5 password Symfony2:用户/身份验证提供程序; 密码检查 - Symfony2: user/authentication provider; password check 更改 symfony2 login_check URL - Change symfony2 login_check URL 在Symfony2和FOSUserBundle中,重写login_check - In Symfony2 and FOSUserBundle, override the login_check symfony2-登录检查的安全性问题 - symfony2 - security issue with login check php symfony2 login_check 验证码 - php symfony2 login_check captcha Symfony2在一个视图中登录,注册和忘记密码 - Symfony2 fos login, register and forgot password in one view Symfony2 FOS用户密码检查回调约束 - Symfony2 FOS User password check callback constraint Symfony2 LexikJWTAuthenticationBundle在login_check之后无法正常工作 - Symfony2 LexikJWTAuthenticationBundle not working past login_check Symfony2“此身份验证方法需要会话”登录检查时出错 - Symfony2 “This authentication method requires a session” error on login check
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM