[英]Symfony2 - Login check password
I have a custom user provider in which I retrieve the password from a database. 我有一个自定义用户提供程序,可在其中从数据库中检索密码。 This password is based on a
text+username
. 该密码基于
text+username
。
In Symfony login_check
process, I'd like that the password field equals to the input text in this password field
+ the input text in the username field
, and not only based on the input text in the password field. 在Symfony
login_check
流程中,我希望密码字段等于此password field
的输入文本+ username field
login_check
password field
的输入文本,而不仅仅是基于密码字段中的输入文本。
Is there a way to do that ? 有没有办法做到这一点 ?
In short, I'd like to force symfony to check if password defined in the User Provider equals to _password
field + _username
field 简而言之,我想强制symfony检查在用户提供程序中定义的密码是否等于
_password
字段+ _username
字段
Todo that you will need to also right a custom authentication provider. 为此,您还需要纠正自定义身份验证提供程序。 You can look through the doc here to do that:
您可以在此处查看文档以完成此操作:
http://symfony.com/doc/current/security/custom_authentication_provider.html http://symfony.com/doc/current/security/custom_authentication_provider.html
Basically clone the default one and add your changes to the password checker. 基本上克隆默认密码,然后将更改添加到密码检查器中。
You may also be able to accomplish it by doing as the custom user provider docs suggest: 您也可以按照自定义用户提供程序文档的建议完成此操作:
If your external users have their passwords salted via a different method, then you'll need to do a bit more work so that Symfony properly encodes the password.
如果您的外部用户使用不同的方法加密了密码,则您需要做更多的工作,以使Symfony正确地编码密码。 That is beyond the scope of this entry, but would include sub-classing MessageDigestPasswordEncoder and overriding the mergePasswordAndSalt method.
这超出了本条目的范围,但将包括对MessageDigestPasswordEncoder进行子类化,以及重写mergePasswordAndSalt方法。
http://symfony.com/doc/current/security/custom_provider.html http://symfony.com/doc/current/security/custom_provider.html
It seems like you may be using the username field as a salt of sorts so that may be simpler to accomplish then writing a full custom authentication 似乎您可能将用户名字段用作某种形式的盐,这样在编写完整的自定义身份验证后可能更容易完成
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.