Symfony 4.3不推荐使用bcrypt算法,请参见UPGRADE-4.3.md:
使用argon2i或bcrypt作为算法配置编码器已被弃用,请改用auto。
所以我将security.yaml更改为:
encoders:
App\Entity\User:
algorithm: auto
问题在于,更改为auto后,哈希字符串会更长:
带有参数的“ INSERT INTO users(...,password,...)VALUES(...)” [..., “ $ argon2id $ v = 19 $ m = 65536,t = 6,p = 1 $ d2RhZjVuaWJsSnE0TW5haA $ ycOn7EHjPOoBTSa6SHDOBWL2AvwfPNjAstlSTEMmPpU”, ...]:
SQLSTATE [22001]:字符串数据,右截断:1406数据长度太长 第1行的“密码”列
此字符串的长度为97个字符,而我的密码列为64。我找不到任何有关“ auto”属性的最大可能长度的文档,是97吗?还是可以更多?
答案 0 :(得分:0)
As said by @Cerad in comments, the auto mode will likely always produce passwords that are supported by the password_hash() built-in PHP function (depending on the platform).
Therefore you can safely rely on the hint given by the password_hash() documentation:
PASSWORD_DEFAULT - [...] Note that this constant is designed to change over time as new and stronger algorithms are added to PHP. For that reason, the length of the result from using this identifier can change over time. Therefore, it is recommended to store the result in a database column that can expand beyond 60 characters (255 characters would be a good choice).