diff --git a/config/packages/security.yaml b/config/packages/security.yaml index df6ee99..82916c9 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -1,6 +1,11 @@ security: - encoders: + enable_authenticator_manager: true + + password_hashers: + # use your user class name here App\Entity\User: + # Use native password hasher, which auto-selects the best + # possible hashing algorithm (starting from Symfony 5.3 this is "bcrypt") algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers @@ -15,7 +20,6 @@ security: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: - anonymous: true lazy: true provider: app_user_provider guard: diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php index 8e4951d..ca23364 100644 --- a/src/Controller/RegistrationController.php +++ b/src/Controller/RegistrationController.php @@ -13,7 +13,7 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Mime\Address; use Symfony\Component\Routing\Annotation\Route; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Security\Guard\GuardAuthenticatorHandler; use SymfonyCasts\Bundle\VerifyEmail\Exception\VerifyEmailExceptionInterface; @@ -27,7 +27,7 @@ class RegistrationController extends AbstractController } #[Route('/register', name: 'app_register')] - public function register(Request $request, UserPasswordEncoderInterface $passwordEncoder, GuardAuthenticatorHandler $guardHandler, AppAuthenticator $authenticator): Response + public function register(Request $request, UserPasswordHasherInterface $passwordHasher, GuardAuthenticatorHandler $guardHandler, AppAuthenticator $authenticator): Response { $user = new User(); $form = $this->createForm(RegistrationFormType::class, $user); @@ -36,7 +36,7 @@ class RegistrationController extends AbstractController if ($form->isSubmitted() && $form->isValid()) { // encode the plain password $user->setPassword( - $passwordEncoder->encodePassword( + $passwordHasher->encodePassword( $user, $form->get('plainPassword')->getData() ) diff --git a/src/Controller/ResetPasswordController.php b/src/Controller/ResetPasswordController.php index 293cc6a..fcfd24d 100644 --- a/src/Controller/ResetPasswordController.php +++ b/src/Controller/ResetPasswordController.php @@ -13,7 +13,7 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Mailer\MailerInterface; use Symfony\Component\Mime\Address; use Symfony\Component\Routing\Annotation\Route; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait; use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface; use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface; @@ -71,7 +71,7 @@ class ResetPasswordController extends AbstractController * Validates and process the reset URL that the user clicked in their email. */ #[Route('/reset/{token}', name: 'app_reset_password')] - public function reset(Request $request, UserPasswordEncoderInterface $passwordEncoder, string $token = null): Response + public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, string $token = null): Response { if ($token) { // We store the token in session and remove it from the URL, to avoid the URL being @@ -106,7 +106,7 @@ class ResetPasswordController extends AbstractController $this->resetPasswordHelper->removeResetRequest($token); // Encode the plain password, and set it. - $encodedPassword = $passwordEncoder->encodePassword( + $encodedPassword = $passwordHasher->encodePassword( $user, $form->get('plainPassword')->getData() ); diff --git a/src/Security/AppAuthenticator.php b/src/Security/AppAuthenticator.php index cf8f8ba..3ca8d6f 100644 --- a/src/Security/AppAuthenticator.php +++ b/src/Security/AppAuthenticator.php @@ -8,7 +8,7 @@ use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Generator\UrlGeneratorInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; +use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException; use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; use Symfony\Component\Security\Core\Security; @@ -29,14 +29,14 @@ class AppAuthenticator extends AbstractFormLoginAuthenticator implements Passwor private $entityManager; private $urlGenerator; private $csrfTokenManager; - private $passwordEncoder; + private $passwordHasher; - public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordEncoderInterface $passwordEncoder) + public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordHasherInterface $passwordHasher) { $this->entityManager = $entityManager; $this->urlGenerator = $urlGenerator; $this->csrfTokenManager = $csrfTokenManager; - $this->passwordEncoder = $passwordEncoder; + $this->passwordHasher = $passwordHasher; } public function supports(Request $request) @@ -79,7 +79,7 @@ class AppAuthenticator extends AbstractFormLoginAuthenticator implements Passwor public function checkCredentials($credentials, UserInterface $user) { - return $this->passwordEncoder->isPasswordValid($user, $credentials['password']); + return $this->passwordHasher->isPasswordValid($user, $credentials['password']); } /**