Symfony 4 EasyAdmin如何加密密码?

时间:2019-02-18 10:12:20

标签: symfony easyadmin symfony-4.2

我正在使用EasyAdmin来添加/编辑用户,并想询问是否可以加密您的密码? 以前我使用Symfony 4 make:registration-form时,密码加密曾起作用,但现在无法使用,必须使用EasyAdmin。

easy_admin.yaml 

easy_admin:
  entities:
    User:
     class: App\Entity\User
     password_encoding: { algorithm: 'bcrypt', cost: 12 }

(实际)我转到EasyAdmin页面(/ admin),单击“用户”,然后添加用户,填写电子邮件(test@gmail.com)和密码(测试),然后单击“保存更改”。

现在,用户已存储在数据库中,但具有明文密码。 enter image description here

(预期)以上所有内容,但密码已加密。

3 个答案:

答案 0 :(得分:4)

我基于Symfony 5和PHP 7.4的工作项目中的代码

  1. 扩展EasyAdminController
<?php

declare(strict_types=1);

namespace App\Controller;

use App\Entity\User;
use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;

/**
 * Class AdminController.
 *
 * @author Dmitriy Atamaniuc <d.atamaniuc@gmail.com>
 */
final class AdminController extends EasyAdminController
{
    private UserPasswordEncoderInterface $encoder;

    private function setUserPlainPassword(User $user): void
    {
        if ($user->getPlainPassword()) {
            $user->setPassword($this->encoder->encodePassword($user, $user->getPlainPassword()));
        }
    }

    /**
     * @required
     */
    public function setEncoder(UserPasswordEncoderInterface $encoder): void
    {
        $this->encoder = $encoder;
    }

    public function persistUserEntity(User $user): void
    {
        $this->setUserPlainPassword($user);

        $this->persistEntity($user);
    }

    public function updateUserEntity(User $user): void
    {
        $this->setUserPlainPassword($user);

        $this->updateEntity($user);
    }
}
  1. 在EasyAdminBundle中注册控制器,编辑config/routes/easy_admin.yaml
easy_admin_bundle:
    resource: 'App\Controller\AdminController'
    prefix: /admin
    type: annotation
  1. plainPassword个“虚拟”属性添加到您的User实体中:
/**
* @Assert\NotBlank()
* @Assert\Length(min=5, max=128)
*/
private ?string $plainPassword = null;

public function getPlainPassword(): ?string
{
    return $this->plainPassword;
}

public function setPlainPassword(string $password): void
{
    $this->plainPassword = $password;
}
  1. 更新easy_admin.yaml 
easy_admin:
    entities:
        User:
            class: App\Entity\User
            label: label.user
            new:
                title:  field.user.add_new
                fields:
                    # some fields like username here
                    - { property: username, label: field.user.username }
                    - { property: fullname, label: field.user.fullname, type: 'text' }
                    # plain password 
                    - { property: plainPassword, label: field.user.password, type: 'password' }

答案 1 :(得分:1)

扩展EasyAdmin控制器并处理用户实体。像这样:

namespace AppBundle\Controller\Admin;
use EasyCorp\Bundle\EasyAdminBundle\Controller\AdminController as BaseAdminController;
use AppBundle\Entity\User;

class AdminController extends BaseAdminController
{
    protected function prePersistUserEntity(User $user)
    {
        $encodedPassword = $this->encodePassword($user, $user->getPassword());
        $user->setPassword($encodedPassword);
    }

    protected function preUpdateUserEntity(User $user)
    {
        if (!$user->getPlainPassword()) {
            return;
        }
        $encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
        $user->setPassword($encodedPassword);
    }

    private function encodePassword($user, $password)
    {
        $passwordEncoderFactory = $this->get('security.encoder_factory');
        $encoder = $passwordEncoderFactory->getEncoder($user);
        return $encoder->encodePassword($password, $user->getSalt());
    }

}

答案 2 :(得分:0)

与Symfony 5兼容的新版本:

<?php

namespace App\Controller;

use App\Entity\User;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;

class AdminController extends EasyAdminController
{
    protected function persistUserEntity($user)
    {
        $encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
        $user->setPassword($encodedPassword);

        parent::persistEntity($user);
    }

    protected function updateUserEntity($user)
    {
        $encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
        $user->setPassword($encodedPassword);

        parent::updateEntity($user);
    }

    private function encodePassword($user, $password)
    {
        $passwordEncoderFactory = new EncoderFactory([
            User::class => new MessageDigestPasswordEncoder('sha512', true, 5000)
        ]);

        $encoder = $passwordEncoderFactory->getEncoder($user);

        return $encoder->encodePassword($password, $user->getSalt());
    }
}
相关问题
最新问题