Use new authentication and hashing system
		
							parent
							
								
									10e250a1da
								
							
						
					
					
						commit
						b2428f6ae3
					
				
					 4 changed files with 17 additions and 13 deletions
				
			
		|  | @ -1,6 +1,11 @@ | ||||||
| security: | security: | ||||||
|     encoders: |     enable_authenticator_manager: true | ||||||
|  | 
 | ||||||
|  |     password_hashers: | ||||||
|  |         # use your user class name here | ||||||
|         App\Entity\User: |         App\Entity\User: | ||||||
|  |             # Use native password hasher, which auto-selects the best | ||||||
|  |             # possible hashing algorithm (starting from Symfony 5.3 this is "bcrypt") | ||||||
|             algorithm: auto |             algorithm: auto | ||||||
| 
 | 
 | ||||||
|     # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers |     # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers | ||||||
|  | @ -15,7 +20,6 @@ security: | ||||||
|             pattern: ^/(_(profiler|wdt)|css|images|js)/ |             pattern: ^/(_(profiler|wdt)|css|images|js)/ | ||||||
|             security: false |             security: false | ||||||
|         main: |         main: | ||||||
|             anonymous: true |  | ||||||
|             lazy: true |             lazy: true | ||||||
|             provider: app_user_provider |             provider: app_user_provider | ||||||
|             guard: |             guard: | ||||||
|  |  | ||||||
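Review bot: The `main` firewall still carries a `guard:` key (last line of the second hunk, with the firewall body continuing past it) while `enable_authenticator_manager: true` is switched on in the first hunk; under the authenticator manager Guard authenticators only run through a deprecated compatibility bridge, so the migration this commit starts is not finished in the config. Once the authenticator class is ported to the new system, replace the `guard:` block with `custom_authenticator: App\Security\AppAuthenticator` (the class name presumably matching the `AppAuthenticator` the controllers import). Dropping `anonymous: true` is right for the new system, but any `access_control` rule outside this hunk that still grants `IS_AUTHENTICATED_ANONYMOUSLY` should become `PUBLIC_ACCESS`, since the anonymous token no longer exists there.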
|  | @ -13,7 +13,7 @@ use Symfony\Component\HttpFoundation\Request; | ||||||
| use Symfony\Component\HttpFoundation\Response; | use Symfony\Component\HttpFoundation\Response; | ||||||
| use Symfony\Component\Mime\Address; | use Symfony\Component\Mime\Address; | ||||||
| use Symfony\Component\Routing\Annotation\Route; | use Symfony\Component\Routing\Annotation\Route; | ||||||
| use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; | use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; | ||||||
| use Symfony\Component\Security\Guard\GuardAuthenticatorHandler; | use Symfony\Component\Security\Guard\GuardAuthenticatorHandler; | ||||||
| use SymfonyCasts\Bundle\VerifyEmail\Exception\VerifyEmailExceptionInterface; | use SymfonyCasts\Bundle\VerifyEmail\Exception\VerifyEmailExceptionInterface; | ||||||
| 
 | 
 | ||||||
|  | @ -27,7 +27,7 @@ class RegistrationController extends AbstractController | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     #[Route('/register', name: 'app_register')]
 |     #[Route('/register', name: 'app_register')]
 | ||||||
|     public function register(Request $request, UserPasswordEncoderInterface $passwordEncoder, GuardAuthenticatorHandler $guardHandler, AppAuthenticator $authenticator): Response |     public function register(Request $request, UserPasswordHasherInterface $passwordHasher, GuardAuthenticatorHandler $guardHandler, AppAuthenticator $authenticator): Response | ||||||
|     { |     { | ||||||
|         $user = new User(); |         $user = new User(); | ||||||
|         $form = $this->createForm(RegistrationFormType::class, $user); |         $form = $this->createForm(RegistrationFormType::class, $user); | ||||||
|  | @ -36,7 +36,7 @@ class RegistrationController extends AbstractController | ||||||
|         if ($form->isSubmitted() && $form->isValid()) { |         if ($form->isSubmitted() && $form->isValid()) { | ||||||
|             // encode the plain password
 |             // encode the plain password
 | ||||||
|             $user->setPassword( |             $user->setPassword( | ||||||
|                 $passwordEncoder->encodePassword( |                 $passwordHasher->encodePassword( | ||||||
|                     $user, |                     $user, | ||||||
|                     $form->get('plainPassword')->getData() |                     $form->get('plainPassword')->getData() | ||||||
|                 ) |                 ) | ||||||
|  |  | ||||||
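Review bot: `$passwordHasher->encodePassword(...)` in the second hunk calls a method that `UserPasswordHasherInterface` does not define; the hasher API renamed it to `hashPassword()`, so registration will fail with an undefined-method error the first time a valid form is submitted. Change the call to `$passwordHasher->hashPassword($user, $form->get('plainPassword')->getData())`. The `register()` method continues past the hunk, and its signature still injects the Guard-era `GuardAuthenticatorHandler`, which the authenticator manager enabled in this same commit deprecates, so that part of the migration is also pending.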
|  | @ -13,7 +13,7 @@ use Symfony\Component\HttpFoundation\Response; | ||||||
| use Symfony\Component\Mailer\MailerInterface; | use Symfony\Component\Mailer\MailerInterface; | ||||||
| use Symfony\Component\Mime\Address; | use Symfony\Component\Mime\Address; | ||||||
| use Symfony\Component\Routing\Annotation\Route; | use Symfony\Component\Routing\Annotation\Route; | ||||||
| use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; | use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; | ||||||
| use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait; | use SymfonyCasts\Bundle\ResetPassword\Controller\ResetPasswordControllerTrait; | ||||||
| use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface; | use SymfonyCasts\Bundle\ResetPassword\Exception\ResetPasswordExceptionInterface; | ||||||
| use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface; | use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface; | ||||||
|  | @ -71,7 +71,7 @@ class ResetPasswordController extends AbstractController | ||||||
|      * Validates and process the reset URL that the user clicked in their email. |      * Validates and process the reset URL that the user clicked in their email. | ||||||
|      */ |      */ | ||||||
|     #[Route('/reset/{token}', name: 'app_reset_password')]
 |     #[Route('/reset/{token}', name: 'app_reset_password')]
 | ||||||
|     public function reset(Request $request, UserPasswordEncoderInterface $passwordEncoder, string $token = null): Response |     public function reset(Request $request, UserPasswordHasherInterface $passwordHasher, string $token = null): Response | ||||||
|     { |     { | ||||||
|         if ($token) { |         if ($token) { | ||||||
|             // We store the token in session and remove it from the URL, to avoid the URL being
 |             // We store the token in session and remove it from the URL, to avoid the URL being
 | ||||||
|  | @ -106,7 +106,7 @@ class ResetPasswordController extends AbstractController | ||||||
|             $this->resetPasswordHelper->removeResetRequest($token); |             $this->resetPasswordHelper->removeResetRequest($token); | ||||||
| 
 | 
 | ||||||
|             // Encode the plain password, and set it.
 |             // Encode the plain password, and set it.
 | ||||||
|             $encodedPassword = $passwordEncoder->encodePassword( |             $encodedPassword = $passwordHasher->encodePassword( | ||||||
|                 $user, |                 $user, | ||||||
|                 $form->get('plainPassword')->getData() |                 $form->get('plainPassword')->getData() | ||||||
|             ); |             ); | ||||||
|  |  | ||||||
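Review bot: The same undefined-method call appears in the second hunk here: `$encodedPassword = $passwordHasher->encodePassword(` must become `$encodedPassword = $passwordHasher->hashPassword(` because `UserPasswordHasherInterface` only exposes `hashPassword()`, and a reset-password submission will otherwise error out after the reset request has already been removed on the preceding line. Consider also renaming the local to `$hashedPassword` and updating the `// Encode the plain password` comment to say "hash", so the terminology matches the new API. The `reset()` method begins in the first hunk and continues past the second.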
|  | @ -8,7 +8,7 @@ use Symfony\Component\HttpFoundation\RedirectResponse; | ||||||
| use Symfony\Component\HttpFoundation\Request; | use Symfony\Component\HttpFoundation\Request; | ||||||
| use Symfony\Component\Routing\Generator\UrlGeneratorInterface; | use Symfony\Component\Routing\Generator\UrlGeneratorInterface; | ||||||
| use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; | use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; | ||||||
| use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; | use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface; | ||||||
| use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException; | use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException; | ||||||
| use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; | use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; | ||||||
| use Symfony\Component\Security\Core\Security; | use Symfony\Component\Security\Core\Security; | ||||||
|  | @ -29,14 +29,14 @@ class AppAuthenticator extends AbstractFormLoginAuthenticator implements Passwor | ||||||
|     private $entityManager; |     private $entityManager; | ||||||
|     private $urlGenerator; |     private $urlGenerator; | ||||||
|     private $csrfTokenManager; |     private $csrfTokenManager; | ||||||
|     private $passwordEncoder; |     private $passwordHasher; | ||||||
| 
 | 
 | ||||||
|     public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordEncoderInterface $passwordEncoder) |     public function __construct(EntityManagerInterface $entityManager, UrlGeneratorInterface $urlGenerator, CsrfTokenManagerInterface $csrfTokenManager, UserPasswordHasherInterface $passwordHasher) | ||||||
|     { |     { | ||||||
|         $this->entityManager = $entityManager; |         $this->entityManager = $entityManager; | ||||||
|         $this->urlGenerator = $urlGenerator; |         $this->urlGenerator = $urlGenerator; | ||||||
|         $this->csrfTokenManager = $csrfTokenManager; |         $this->csrfTokenManager = $csrfTokenManager; | ||||||
|         $this->passwordEncoder = $passwordEncoder; |         $this->passwordHasher = $passwordHasher; | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     public function supports(Request $request) |     public function supports(Request $request) | ||||||
|  | @ -79,7 +79,7 @@ class AppAuthenticator extends AbstractFormLoginAuthenticator implements Passwor | ||||||
| 
 | 
 | ||||||
|     public function checkCredentials($credentials, UserInterface $user) |     public function checkCredentials($credentials, UserInterface $user) | ||||||
|     { |     { | ||||||
|         return $this->passwordEncoder->isPasswordValid($user, $credentials['password']); |         return $this->passwordHasher->isPasswordValid($user, $credentials['password']); | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     /** |     /** | ||||||
|  |  | ||||||
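Review bot: `$this->passwordHasher->isPasswordValid($user, ...)` in the last hunk is typed against `PasswordAuthenticatedUserInterface` on the new hasher, while `checkCredentials()` still declares `UserInterface $user`; unless `App\Entity\User` already implements that interface, the call fails with a TypeError, and none of the four files in this commit touch the entity, so that is worth confirming. The class itself still extends the Guard `AbstractFormLoginAuthenticator`, which the authenticator manager enabled in this commit only supports through a deprecated bridge; porting it to `AbstractLoginFormAuthenticator` with a `Passport` carrying `PasswordCredentials` would let the security component perform this check and remove `checkCredentials()` entirely. The class starts and ends outside the visible hunks.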