使用Symfony2,Sonata Admin和mongodb,应用程序保存字段,但密码未加密。
CRUD工作非常精确地保存数据库上的用户字段,问题是当loggin我得到“Bad Credentials”时,当我看到数据库时密码没有加密。
我没有使用UserBundle,FOSUserBundle。
UserAdmin.php
protected function configureFormFields(FormMapper $formMapper)
{
$formMapper
->add('names', null, array('label' => 'Nombres','required' => true))
->add('surnames', null, array('label' => 'Apellidos'))
->add('email', 'email', array('label' => 'Email','required' => true))
->add('password', 'repeated', array('type' => 'password',
'first_options' => array('label' => 'Contraseña'),
'second_options' => array('label' => 'Repita la contraseña'),
'invalid_message' => 'Las contraseñas no coinciden'
))
->add('birthday','date', array('label' => 'Fecha de Nacimiento',
'years' => range(date('y'),date('Y')-90),
'format' => 'dd-MMMM-yyyy'
));
}
security.yml
security:
encoders:
Bluetton\DispatcherBundle\Document\User:
algorithm: sha512
encode-as-base64: true
iterations: 10
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
dispatcherdb:
mongodb: { class: Bluetton\DispatcherBundle\Document\User, property: email }
firewalls:
main:
pattern: /.*
provider: dispatcherdb
form_login:
login_path: /login
check_path: /login_check
remember_me: true
logout:
path: /logout
target: /
remember_me:
key: MiClaveSegura
lifetime: 1800
path: /.*
domain: ~
security: true
anonymous: true
access_control:
- { path: /setup, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /user, roles: IS_AUTHENTICATED_ANONYMOUSLY } #ROLE_USER } #
- { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
SecurityController.php
class SecurityController extends Controller
{
public function loginAction()
{
$request = $this->getRequest();
$session = $request->getSession();
// get the login error if there is one
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('DispatcherBundle:Security:login.html.twig', array(
// last username entered by the user
'last_username' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error,
));
}
public function indexAction()
{
$user = new User();
$validator = $this->get('validator');
$errors = $validator->validate($user);
if (count($errors) > 0) {
$errorsString = (string) $errors;
return new Response($errorsString);
}
return new Response('El usuario es valido!');
}
}
答案 0 :(得分:0)
我解决了覆盖UserAdmin类上的函数preUpdate()和prePersist()的问题
public function preUpdate($object) {
$uniqid = $this->getRequest()->query->get('uniqid');
$encoder = new MessageDigestPasswordEncoder('sha512', true, 10);
$formData = $this->getRequest()->request->get($uniqid);
if(array_key_exists('password', $formData) && $formData['password'] !== null && strlen($formData['password']['first' ]) > 0) {
$object->setPassword($encoder->encodePassword($formData['password']['first' ],$object->getSalt()));
}
}
public function prePersist($object) {
$encoder = new MessageDigestPasswordEncoder('sha512', true, 10);
$uniqid = $this->getRequest()->query->get('uniqid');
$formData = $this->getRequest()->request->get($uniqid);
if(array_key_exists('password', $formData) && $formData['password'] !== null && strlen($formData['password']['first' ]) > 0) {
$object->setPassword($encoder->encodePassword($formData['password']['first' ],$object->getSalt()));
}
}
答案 1 :(得分:0)
->add('plainPassword', 'repeated', array(
'type' => 'password',
'options' => array('translation_domain' => 'FOSUserBundle'),
'first_options' => array('label' => 'form.password'),
'second_options' => array('label' => 'form.password_confirmation'),
'invalid_message' => 'fos_user.password.mismatch',
))