php - Symfony2 - 更改现有用户的编码器

Question

如果您有包含用户及其密码的现有代码库，如何更改密码编码器并更新用户密码？

换句话说，假设所有用户密码均采用 MD5 格式，并且您希望转换为 PBKDF2。常见的策略是在用户下次登录时简单地重新哈希密码。

但是，我不确定如何在 Symfony 中执行此操作。它会在登录 Controller 中完成吗？或者有没有办法在 EncoderInterface 对象中做到这一点？

Answer 1

看看这个博客...似乎这就是您正在寻找的...

How to change the way Symfony2 encodes passwords

您需要扩展 MessageDigestPasswordEncoder 类，覆盖其方法并将该类复制到 bundle 中的 Security 文件夹(如果不存在，则创建一个) 查看以下如何扩展 MessageDigestPasswordEncoder 的示例

use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder as      BaseMessageDigestPasswordEncoder;

class MessageDigestPasswordEncoder extends BaseMessageDigestPasswordEncoder
{
    private $algorithm;
    private $encodeHashAsBase64;

    public function __construct($algorithm = 'sha512', $encodeHashAsBase64 = true, $iterations = 5000)
    {
        $this->algorithm = $algorithm;
        $this->encodeHashAsBase64 = $encodeHashAsBase64;
        $this->iterations = $iterations;
    }

    protected function mergePasswordAndSalt($password, $salt)
    {
        if (empty($salt)) {
            return $password;
        }

        return $salt.$password; // or do whatever you need with the password and salt
    }

    public function encodePassword($raw, $salt)
    {
        // this is the original code from the extended class, change it as needed

        if (!in_array($this->algorithm, hash_algos(), true)) {
            throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
        }

        $salted = $this->mergePasswordAndSalt($raw, $salt);
        $digest = hash($this->algorithm, $salted, true);

        // "stretch" hash
        for ($i = 1; $i < $this->iterations; $i++) {
            $digest = hash($this->algorithm, $digest.$salted, true);
        }

        return $this->encodeHashAsBase64 ? base64_encode($digest) :  bin2hex($digest);
    }
}

准备好类(class)后，更新 config.yml

# app/config/config.yml
# ...

parameters:
    security.encoder.digest.class: Ens\TestBundle\Security\MessageDigestPasswordEncoder