问题
In Symfony 2.6, I am using the following method to encode my password. The password is successfully encoded and saved in the DB.
$encoder = $this->container->get('security.password_encoder');
$encodedPwd = $encoder->encodePassword($adminUser, $plainPassword);
When I try to validate the user supplied password provided in the login form as follows:
$adminUser = $this->getDoctrine()->getManager()->getRepository("AcmeUserBundle:AdminUser")->findOneBy(array('username' => $_username));
$_password = $request->request->get('_password');
$encoder = $this->container->get('security.password_encoder');
echo $encoder->isPasswordValid($adminUser, $_password))
The last line is always returning empty, which means that the password is not getting validated. I have gotten this from Symfony documentation and have searched if anyone has encountered similar problem, but doesn't seem to find any. Can any one please provide some insights please?
Thanks! Sharad
回答1:
Ok I found a solution like this and it is working. Hope it helps anybody encountering similar problem.
For encoding the password, I am doing the following:
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
$encodedPwd = $encoder->encodePassword($plainPassword, $user->getSalt());
For validating the password, I am doing the following:
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
echo $encoder->isPasswordValid($user->getPassword(), $_password, $user->getSalt())
While encoding the password, I wasn't using the salt, but it is important, It all works now.
Thank you Sharad
来源:https://stackoverflow.com/questions/46877700/symfony-security-password-encoder-ispasswordvalid-is-returning-empty