1. 首頁
  2. 問答
  3. 以Symfony 2格式驗證舊密碼

以Symfony 2格式驗證舊密碼

2016-11-18 118 views
0

Huston,我有一個問題:)以Symfony 2格式驗證舊密碼

我需要驗證舊密碼。

Symfony的已建成的密碼驗證,這是偉大的,但是...我需要重新編碼系統。

use Symfony\Component\Security\Core\Validator\Constraints as SecurityAssert; 

/** 
* User 
*/ 
class User implements AdvancedUserInterface, \Serializable 
{ 

    /** 
    * @SecurityAssert\UserPassword() 
    */ 
    protected $oldPassword;

由於密碼是用mcrypt加密的,所以此返回始終爲false。

我曾試圖修改這一類

class UserPasswordValidator extends ConstraintValidator 
{ 
    private $tokenStorage; 
    private $encoderFactory; 

    public function __construct(TokenStorageInterface $tokenStorage, EncoderFactoryInterface $encoderFactory) 
    { 
     $this->tokenStorage = $tokenStorage; 
     $this->encoderFactory = $encoderFactory; 
    } 

    /** 
    * {@inheritdoc} 
    */ 
    public function validate($password, Constraint $constraint) 
    { 
     $user = $this->tokenStorage->getToken()->getUser(); 

     $encoder = new CryptPasswordEncoder(); 

     $oldPass = $user->getPassword(); 

     if ($encoder->isPasswordValid($oldPass, $password, '')) { 
      $this->context->buildViolation($constraint->message) 
       ->setParameter('%string%', $password) 
       ->addViolation(); 
     } 
    } 

}

但是當我提交驗證值$密碼總是

來源

2016-11-18 Stevan Tosic

回答

0

我不得不讓周圍的一些步行路程。

我在控制器中查找舊密碼,如果密碼有效,請與編碼器一起檢查。如果不是我做的錯誤與flashBag以上消息form_widget

public function editProfileAction(Request $request) { 
     $user = $this->getUser(); 
     $oldPassword = $user->getPassword();

我不得不存儲在變量舊密碼,因爲它是後驗證表單覆蓋驗證表單之前。

 $section = $request->get('section'); 

     if ($section == 'password-change') { 
      $formType = EditPasswordFormType::class; 
      $form = $this->createForm($formType, $user); 

      $data['form'] = $form->createView(); 
     } 


     if ($request->isMethod('POST')) { 
      $form->handleRequest($request); 
      if ($form->isValid()) { 
       if ($section == 'password-change') { 
        $data = $form->getData(); 
        $encoder = new CryptPasswordEncoder(); 

        $valid = $encoder->isPasswordValid($oldPassword, $data->oldPassword, ''); 

        if (!$valid) { 
         $this->get('session')->getFlashBag()->set('notValidError', 'You are insert wrong old password'); 
         return $this->redirect($request->getUri()); 
        } 
        $ps->changePassword($user, $form); 

        $this->get('session')->getFlashBag()->set('success', 'Password Changed'); 
        return $this->redirect($request->getUri()); 

       } 

      } else { 
       $data['form'] = $form->createView(); 
      } 

     } 


     return $this->render('@SciProfile/EditProfile/editProfile.html.twig', $data); 
    }

這是樹枝側

{{ form_start(form) }} 
<div class="row" style="margin-top: 40px"> 
    <div class="columns large-4 content-right"> 
     {{ form_label(form.oldPassword) }} 
    </div> 
    <div class="columns large-6 content-middle"> 
     {% for flashMessage in app.session.flashbag.get('notValidError') %} 
      <div data-alert class="alert-box alert radius"> 
       {{ flashMessage }} 
      </div> 
     {% endfor %} 
     {{ form_widget(form.oldPassword) }} 
    </div> 
    <div class="columns large-2"></div> 
</div>

來源

2016-11-19 10:30:59

相關問題

 相關問題