2014-02-21 96 views
0

使用Symfony2,Sonata Admin和mongodb,應用程序保存字段但密碼未加密。索納塔管理員:爲什麼密碼字段未加密?

CRUD工作非常好,保存數據庫上的用戶字段,問題是當我登錄時得到「Bad Credentials」,並且當我看到數據庫時密碼未加密。

我沒有使用UserBundle,FOSUserBundle。

  1. UserAdmin.php

    protected function configureFormFields(FormMapper $formMapper) 
    { 
        $formMapper 
        ->add('names', null, array('label' => 'Nombres','required' => true)) 
        ->add('surnames', null, array('label' => 'Apellidos')) 
        ->add('email', 'email', array('label' => 'Email','required' => true)) 
        ->add('password', 'repeated', array('type' => 'password', 
             'first_options' => array('label' => 'Contraseña'), 
             'second_options' => array('label' => 'Repita la contraseña'), 
             'invalid_message' => 'Las contraseñas no coinciden' 
             )) 
        ->add('birthday','date', array('label' => 'Fecha de Nacimiento', 
            'years' => range(date('y'),date('Y')-90), 
            'format' => 'dd-MMMM-yyyy' 
           )); 
    } 
    
  2. security.yml

    security: 
        encoders: 
        Bluetton\DispatcherBundle\Document\User: 
         algorithm: sha512 
         encode-as-base64: true 
         iterations: 10 
    
        role_hierarchy: 
        ROLE_ADMIN:  ROLE_USER 
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] 
    
        providers: 
        dispatcherdb: 
         mongodb: { class: Bluetton\DispatcherBundle\Document\User, property: email } 
    
        firewalls: 
        main: 
         pattern: /.* 
         provider: dispatcherdb 
         form_login: 
         login_path: /login 
         check_path: /login_check 
         remember_me: true 
         logout: 
         path: /logout 
         target:/
         remember_me: 
         key: MiClaveSegura 
         lifetime: 1800 
         path: /.* 
         domain: ~ 
         security: true 
         anonymous: true 
        access_control: 
        - { path: /setup, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
        - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
        - { path: /user, roles: IS_AUTHENTICATED_ANONYMOUSLY } #ROLE_USER } # 
        - { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
    
  3. SecurityController.php

    class SecurityController extends Controller 
    { 
        public function loginAction() 
        { 
         $request = $this->getRequest(); 
         $session = $request->getSession(); 
    
         // get the login error if there is one 
         if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) { 
          $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR); 
         } else { 
          $error = $session->get(SecurityContext::AUTHENTICATION_ERROR); 
         } 
    
         return $this->render('DispatcherBundle:Security:login.html.twig', array(
          // last username entered by the user 
          'last_username' => $session->get(SecurityContext::LAST_USERNAME), 
          'error'   => $error, 
         )); 
        } 
        public function indexAction() 
        { 
         $user = new User(); 
    
         $validator = $this->get('validator'); 
         $errors = $validator->validate($user); 
    
         if (count($errors) > 0) { 
    
          $errorsString = (string) $errors; 
    
          return new Response($errorsString); 
         } 
    
         return new Response('El usuario es valido!'); 
        } 
    } 
    

回答

0

我解決上UserAdmin類中重寫功能更新前的()和prePersist()問題

  public function preUpdate($object) { 
       $uniqid = $this->getRequest()->query->get('uniqid'); 
       $encoder = new MessageDigestPasswordEncoder('sha512', true, 10); 
       $formData = $this->getRequest()->request->get($uniqid); 
       if(array_key_exists('password', $formData) && $formData['password'] !== null && strlen($formData['password']['first' ]) > 0) { 
        $object->setPassword($encoder->encodePassword($formData['password']['first' ],$object->getSalt())); 
       } 
      } 

      public function prePersist($object) { 
       $encoder = new MessageDigestPasswordEncoder('sha512', true, 10); 
       $uniqid = $this->getRequest()->query->get('uniqid'); 
       $formData = $this->getRequest()->request->get($uniqid); 
       if(array_key_exists('password', $formData) && $formData['password'] !== null && strlen($formData['password']['first' ]) > 0) { 
        $object->setPassword($encoder->encodePassword($formData['password']['first' ],$object->getSalt())); 
       } 
      } 
0
  1. 你應該使用鉤子描述there(你的情況肯定)
  2. 您需要更改現場申報類似的東西(使用plainPassword而不是密碼)
 

    ->add('plainPassword', 'repeated', array(
     'type' => 'password', 
     'options' => array('translation_domain' => 'FOSUserBundle'), 
     'first_options' => array('label' => 'form.password'), 
     'second_options' => array('label' => 'form.password_confirmation'), 
     'invalid_message' => 'fos_user.password.mismatch', 
    ))