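Validating the old password in a Symfony 2 form

Time: 2016-11-18 21:02:19

Tags: validation symfony passwords symfony-forms

Houston, I have a problem :)

I need to validate the old password.

Symfony has a built-in password validator, which is great, but... I need to reconfigure the encoding system.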

use Symfony\Component\Security\Core\Validator\Constraints as SecurityAssert;

/**
 * User
 */
class User implements AdvancedUserInterface, \Serializable
{

     /**
     * @SecurityAssert\UserPassword()
     */
     protected $oldPassword;

This always returns false, because the password is encrypted with mcrypt.

I have tried editing this class

class UserPasswordValidator extends ConstraintValidator
{
    private $tokenStorage;
    private $encoderFactory;

    public function __construct(TokenStorageInterface $tokenStorage, EncoderFactoryInterface $encoderFactory)
    {
        $this->tokenStorage = $tokenStorage;
        $this->encoderFactory = $encoderFactory;
    }

    /**
     * {@inheritdoc}
     */
    public function validate($password, Constraint $constraint)
    {
        $user = $this->tokenStorage->getToken()->getUser();

        $encoder = new CryptPasswordEncoder();

        $oldPass = $user->getPassword();

        // Add the violation only when the submitted password does NOT match the stored hash.
        if (!$encoder->isPasswordValid($oldPass, $password, '')) {
            $this->context->buildViolation($constraint->message)
                ->setParameter('%string%', $password)
                ->addViolation();
        }
    }

}

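But when I submit the value for validation, $password is always null

1 answer:

Answer 0 (score: 0)

I took a roundabout way.

I look up the old password in the controller and check with the encoder whether the password is valid. If it is not, I show an error as a flashBag message above the form_widget.
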
  public function editProfileAction(Request $request) {
        $user = $this->getUser();
        $oldPassword = $user->getPassword();

I have to store the old password in a variable before validating the form, because after the form is validated it gets overwritten.

        $section = $request->get('section');

        if ($section == 'password-change') {
            $formType = EditPasswordFormType::class;
            $form = $this->createForm($formType, $user);

            $data['form'] = $form->createView();
         }


        if ($request->isMethod('POST')) {
            $form->handleRequest($request);
            if ($form->isValid()) {
                if ($section == 'password-change') {
                    $data = $form->getData();
                    $encoder = new CryptPasswordEncoder();

                    $valid = $encoder->isPasswordValid($oldPassword, $data->oldPassword, '');

                    if (!$valid) {
                        $this->get('session')->getFlashBag()->set('notValidError', 'You are insert wrong old password');
                        return $this->redirect($request->getUri());
                    }
                    $ps->changePassword($user, $form);

                    $this->get('session')->getFlashBag()->set('success', 'Password Changed');
                    return $this->redirect($request->getUri());

                }

            } else {
                $data['form'] = $form->createView();
            }

        }


        return $this->render('@SciProfile/EditProfile/editProfile.html.twig', $data);
    }

This is the Twig side

{{ form_start(form) }}
<div class="row" style="margin-top: 40px">
    <div class="columns large-4 content-right">
        {{ form_label(form.oldPassword) }}
    </div>
    <div class="columns large-6 content-middle">
        {% for flashMessage in app.session.flashbag.get('notValidError') %}
            <div data-alert class="alert-box alert radius">
                {{ flashMessage }}
            </div>
        {% endfor %}
        {{ form_widget(form.oldPassword) }}
    </div>
    <div class="columns large-2"></div>
</div>
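
An alternative to the controller check above, as an added example that is not part of the original question or answer: declare the old-password field as unmapped and attach the built-in UserPassword constraint to it, with the custom encoder registered for the user class so the stock validator uses it. It assumes Symfony 2.8+ and that the post's CryptPasswordEncoder implements PasswordEncoderInterface; the service id, the AppBundle namespaces and the plainPassword field are hypothetical names.

```php
<?php
// Added example, not code from the post. Hypothetical names: the service id
// "app.crypt_password_encoder", the AppBundle namespaces and "plainPassword".
//
// app/config/security.yml (makes the encoder factory return the custom encoder):
//   security:
//       encoders:
//           AppBundle\Entity\User:
//               id: app.crypt_password_encoder
namespace AppBundle\Form;

use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
use Symfony\Component\Validator\Constraints\NotBlank;

class EditPasswordFormType extends AbstractType
{
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder
            // Unmapped: the submitted value is validated but never written to
            // the entity, so the stored hash is not overwritten by the form.
            ->add('oldPassword', PasswordType::class, array(
                'mapped' => false,
                'constraints' => array(
                    new NotBlank(),
                    // Built-in validator: fetches the encoder configured for the
                    // logged-in user and checks against $user->getPassword()
                    // and $user->getSalt().
                    new UserPassword(array(
                        'message' => 'Wrong value for your current password',
                    )),
                ),
            ))
            // Also unmapped: encode it explicitly after $form->isValid().
            ->add('plainPassword', RepeatedType::class, array(
                'type' => PasswordType::class,
                'mapped' => false,
                'constraints' => array(new NotBlank()),
            ));
    }
}
```

In the controller the new value is then read with `$form->get('plainPassword')->getData()` once `$form->isValid()` has passed.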