[英]Symfony2: Auth using Doctrine2 entity - password set to blank value after saving an entity
I've hit a dead end here.我在这里遇到了死胡同。 When I save any kind of entity in my controller, the password and salt of the user that is currently logged in is blanked out in the database.
当我在 controller 中保存任何类型的实体时,当前登录的用户的密码和盐在数据库中被清除。
This is a relevant portion of my security configuration:这是我的安全配置的相关部分:
security:
encoders:
ISE\LoginBundle\Entity\User:
algorithm: sha1
iterations: 1
encode_as_base64: false
providers:
main:
entity:
class: ISE\LoginBundle\Entity\User
property: username
This is the eraseCredentials method of my user class.这是我的用户 class 的 eraseCredentials 方法。 I suspect that at some point this method is called and then the user object is saved to the database with these changes.
我怀疑在某些时候会调用此方法,然后将用户 object 与这些更改一起保存到数据库中。 But I have no idea where that could be:
但我不知道那可能在哪里:
class User implements UserInterface {
// ...
public function eraseCredentials() {
$this->password = null;
$this->salt = null;
}
// ...
}
And this is an example of how I save an entity in one of my controllers, in this case it's the ProductController.这是我如何将实体保存在我的一个控制器中的一个示例,在本例中它是 ProductController。 Just a reminder: I am not manipulating the User object in my code in any way:
提醒一下:我没有以任何方式在我的代码中操纵用户 object:
public function createAction() {
// ...
if ($form->isValid()) {
$em = $this->get('doctrine')->getEntityManager();
$em->persist($product);
$em->flush();
return $this->redirect($this->generateUrl('product_create', array('created' => true)));
}
// ...
}
I wouldn't expect any of this code to delete the user's password or salt in the database, yet exactly that happens.我不希望这些代码中的任何一个删除数据库中用户的密码或盐,但确实会发生这种情况。 Can anyone help me beat my code into submission?
谁能帮我打败我的代码提交?
Symfony has a difference between plaintext and hashed credetials. Symfony 在明文和散列凭据之间存在差异。 In "eraseCredentials" you are supposed to delete all the plaintext information, not the hashed credetials that are saved to the database.
在“eraseCredentials”中,您应该删除所有明文信息,而不是保存到数据库中的散列凭据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.