[Security] tweaked some exception messages
This commit is contained in:
parent
41a1a75b92
commit
e6fd8deb00
@ -59,11 +59,11 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
|
||||
}
|
||||
} else {
|
||||
if (!$presentedPassword = $token->getCredentials()) {
|
||||
throw new BadCredentialsException('Bad credentials');
|
||||
throw new BadCredentialsException('The presented password cannot be empty.');
|
||||
}
|
||||
|
||||
if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
|
||||
throw new BadCredentialsException('Bad credentials');
|
||||
throw new BadCredentialsException('The presented password is invalid.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user