Manual authentication check Symfony 2

Question

I\'m working on a Symfony 2 application where the user must select a profile during the login process.

Users may have multiples profiles to work with and they only know

Answer 1

I used the code from @Jordon and @Potor Polak to wrap the logic in a standalone service that used the current access token to validate the password. Maybe some needs this:

services.yml:

app.validator.manual_password:
    class: AppBundle\Service\ManualPasswordValidator
    arguments:
        - '@security.token_storage'
        - '@security.encoder_factory'

ManualPasswordValidator.php:

encoderFactory = $encoderFactory;
        $this->tokenStorage = $tokenStorage;
    }

    /**
     * @param $password
     * @return bool
     */
    public function passwordIsValidForCurrentUser($password)
    {
        $token = $this->tokenStorage->getToken();

        if ($token) {
            $user = $token->getUser();

            if ($user) {
                $encoder = $this->encoderFactory->getEncoder($user);

                if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
                    return true;
                }
            }
        }

        return false;
    }
}

After this you can inject the ManualPasswordValidator wherever you want and use it like:

$password        = $request->get('password');
$passwordIsValid = $this->manualPasswordValidator->passwordIsValidForCurrentUser($password);