diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implemented password migration for the new authenticators

Browse Source
This commit is contained in:
Wouter de Jong 2020-01-26 15:37:44 +01:00
parent 5efa892395
commit fa4b3ec213
2 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Symfony/Component/Security/Guard/PasswordAuthenticatedInterface.php
View File

@ -11,6 +11,8 @@
namespace Symfony\Component\Security\Guard;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
/**
* An optional interface for "guard" authenticators that deal with user passwords.
*/
@ -22,4 +24,6 @@ interface PasswordAuthenticatedInterface
* @param mixed $credentials The user credentials
*/
public function getPassword($credentials): ?string;
/* public function getPasswordEncoder(): ?UserPasswordEncoderInterface; */
}

16
src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProviderTrait.php
View File

@ -62,8 +62,20 @@ trait GuardAuthenticationProviderTrait
throw new BadCredentialsException(sprintf('Authentication failed because "%s::checkCredentials()" did not return true.', get_debug_type($guardAuthenticator)));
}
if ($this->userProvider instanceof PasswordUpgraderInterface && $guardAuthenticator instanceof PasswordAuthenticatedInterface && null !== $this->passwordEncoder && (null !== $password = $guardAuthenticator->getPassword($token->getCredentials())) && method_exists($this->passwordEncoder, 'needsRehash') && $this->passwordEncoder->needsRehash($user)) {
$this->userProvider->upgradePassword($user, $this->passwordEncoder->encodePassword($user, $password));
if ($guardAuthenticator instanceof PasswordAuthenticatedInterface
&& null !== $password = $guardAuthenticator->getPassword($token->getCredentials())
&& null !== $passwordEncoder = $this->passwordEncoder ?? (method_exists($guardAuthenticator, 'getPasswordEncoder') ? $guardAuthenticator->getPasswordEncoder() : null)
) {
if (method_exists($passwordEncoder, 'needsRehash') && $passwordEncoder->needsRehash($user)) {
if (!isset($this->userProvider)) {
if ($guardAuthenticator instanceof PasswordUpgraderInterface) {
$guardAuthenticator->upgradePassword($user, $guardAuthenticator->getPasswordEncoder()->encodePassword($user, $password));
}
} elseif ($this->userProvider instanceof PasswordUpgraderInterface) {
$this->userProvider->upgradePassword($user, $passwordEncoder->encodePassword($user, $password));
}
}
}
$this->userChecker->checkPostAuth($user);