Question
I have a legacy application that keeps passwords encrypted with the sha1() function, no salt.
Now that site is being converted into Symfony2 and FOSUserBundle, how can I transfer them to the new database?
Answer 1:
I had the same problem. Just override the encoder as explained by @iamdto:
    # app/config/security.yml
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface:
                id: your.custom.encoder
Your class should be:

    use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;

    class CustomEncoder implements PasswordEncoderInterface
    {
        // Reproduces the legacy scheme: plain sha1() of the raw password.
        public function encodePassword( $raw, $salt ) {
            // do not use salt here
            return sha1($raw);
        }

        // Compares the stored hash with the hash of the submitted password.
        public function isPasswordValid( $encoded, $raw, $salt ) {
            return $encoded === $this->encodePassword( $raw, $salt );
        }
    }
You should add a column "version" to get legacy users and update their info on next login.
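The upgrade-on-next-login step suggested in the answer above, as an added example that is not part of the original answer or of FOSUserBundle. It is plain PHP (5.6+ for `hash_equals`); the `$user` array, the `verifyAndUpgrade` name and the `version` values `sha1` and `bcrypt` are assumptions.

```php
<?php
// Added example: hypothetical helper, not FOSUserBundle or Symfony code.
// $user stands in for a row with `password` and `version` columns;
// the `version` values 'sha1' and 'bcrypt' are assumptions.

/**
 * Check a login attempt and, for legacy rows, replace the unsalted SHA-1
 * hash with a bcrypt hash while the plaintext is available.
 *
 * @return array [bool $valid, array $user, bool $changed]
 */
function verifyAndUpgrade(array $user, $raw)
{
    if ($user['version'] === 'sha1') {
        // Legacy path: constant-time comparison against hex sha1($raw).
        if (!hash_equals($user['password'], sha1($raw))) {
            return array(false, $user, false);
        }
        // Correct password: re-hash with a salted, slow algorithm.
        $user['password'] = password_hash($raw, PASSWORD_BCRYPT);
        $user['version']  = 'bcrypt';
        return array(true, $user, true);
    }

    // Migrated path: password_verify() reads salt and cost from the hash.
    if (!password_verify($raw, $user['password'])) {
        return array(false, $user, false);
    }
    // Lets the cost be raised later without another migration.
    if (password_needs_rehash($user['password'], PASSWORD_BCRYPT)) {
        $user['password'] = password_hash($raw, PASSWORD_BCRYPT);
        return array(true, $user, true);
    }
    return array(true, $user, false);
}

// Constructed sample row: a legacy account whose password is "hunter2".
$legacy = array('password' => sha1('hunter2'), 'version' => 'sha1');

// Wrong password against the legacy row.
list($ok, $row, $changed) = verifyAndUpgrade($legacy, 'wrong');
var_dump($ok, $changed);

// Correct password against the legacy row, then a second login.
list($ok, $row, $changed) = verifyAndUpgrade($legacy, 'hunter2');
var_dump($ok, $changed, $row['version']);
list($ok, $row, $changed) = verifyAndUpgrade($row, 'hunter2');
var_dump($ok, $changed);
```

The caller persists `$user` whenever `$changed` is true. Accounts that never log in again keep their unsalted SHA-1 hash, so those rows need separate handling.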
Answer 2:
Have you tried:
    # app/config/security.yml
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha1
You should have a look at these references too:
- Configure your application's security.yml
- Encoding the User's Password
Answer 3:
My colleague wrote a bundle for this very purpose:
https://packagist.org/packages/markup/fallback-password-encoder-bundle
Source: https://stackoverflow.com/questions/14435820/how-to-convert-sha1-passwords-into-fosuserbundle