堆栈内存溢出
  简体   繁体   English

如何在Symfony2中设置密码长度限制?

[英]How to set password length constraints in Symfony2?

 原文  2012-09-13 08:33:47       php/ symfony

问题描述

I tried with @Assert\\MinLength but it seems to check after encoding the password when it's long enought in everycase. 我尝试使用@Assert\\MinLength但是在每种情况下密码足够长时,似乎都在对密码进行编码后进行检查。 How to put the constraint before encoding? 如何在编码之前放置约束?

I can't think of anything better that to count the number of symbols with strlen after binding the registration form, but I don't think this will be a good way. 我想不出什么更好的主意,要数与符号的数量strlen结合报名表后,但我不认为这将是一个很好的方式。 And also I'm not sure that even this will work, I'm not sure when exactly the encoding is done. 而且我不确定即使这样也能正常工作,也不确定何时完成编码。

Any suggestions will be appreciated! 任何建议将不胜感激! Thank you in advance! 先感谢您!

2 个解决方案

解决方案1
 1 已采纳  2012-09-13 08:51:37

The problem is that you're using one field for two purposes: storing a password in plain text and encoded form. 问题是您将一个字段用于两个目的:以纯文本和编码形式存储密码。 What you need is a field for each purpose: 您需要的是一个用于各种用途的字段: 

use Symfony\Component\Validator\Constraints\NotBlank;
use Symfony\Component\Validator\Constraints\MinLength;
use Doctrine\ORM\Mapping\Column;

class User 
{
    /**
     * @NotBlank
     * @MinLength(6)
     *
     * @var string
     */
    private $plainPassword;

    /**
     * @Column
     *
     * @var string
     */
    private $password;
}

Only the $password field is persisted to the database and it's not shown in forms so that users can't edit it. 只有$password字段会保留在数据库中,并且不会以表格形式显示,因此用户无法对其进行编辑。

Also you need a Doctrine event listener — or some other code — that checks if $plainPassword is not empty, and if it's not, encode its value and put it into $password . 另外,您还需要一个Doctrine事件侦听器(或其他一些代码)来检查$plainPassword是否不为空,如果不是,则对其值进行编码并将其放入$password

Use the security.encoder_factory service to get the encoder you've setup in your security configuration and use it to encode passwords. 使用security.encoder_factory服务获取在安全配置中设置的编码器,并使用它对密码进行编码。 Also, check my ElnurBlowfishPasswordEncoderBundle . 另外,检查我的ElnurBlowfishPasswordEncoderBundle

解决方案2
 0  2012-09-13 08:51:00

You shouldn't encode password by yourself in password setter. 您不应该自己在密码设置器中对密码进行编码。 Instead of that use some encoder (you even can write your own encoder), and encode password after form is validated. 而不是使用一些编码器(您甚至可以编写自己的编码器),并在验证表单后对密码进行编码。

Here is example how you use encoders: 这是使用编码器的示例:

http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Symfony2覆盖约束 - Symfony2 Override Constraints 如何在symfony2中设置小数 - How to set a decimal in symfony2 Symfony2-无法设置密码表单字段来键入“ password” - Symfony2 - Cannot set password form field to type “password” 如何在symfony2中为约束和验证器类分隔文件夹? - How to separate folders for constraints and validators classes in symfony2? Symfony2:如何在自定义复合表单类型上使用约束? - Symfony2: How to use constraints on custom compound form type? symfony2:运行此方法后,用户密码设置为空 - symfony2 : user password set to empty after running this method 如何在symfony2中设置创建和更新日期? - How to set created and updated date in symfony2? 如何在Symfony2中的表单中设置值? - How to set a value in a form in Symfony2? Symfony2形式,如何设置选项? - Symfony2 form, how options is set? 如何在Symfony2中设置选择字段值? - How to set choice field values in Symfony2?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM