8000 [Form] Skip password hashing on empty password · symfony/symfony@b4aa3ea · GitHub
[go: up one dir, main page]

Skip to content

Commit b4aa3ea

Browse files
Seb33300nicolas-grekas
authored andcommitted
[Form] Skip password hashing on empty password
1 parent 8c19af2 commit b4aa3ea

File tree

2 files changed

+35
-0
lines changed

2 files changed

+35
-0
lines changed

src/Symfony/Component/Form/Extension/PasswordHasher/EventListener/PasswordHasherListener.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,10 @@ public function __construct(
3737

3838
public function registerPassword(FormEvent $event)
3939
{
40+
if (null === $event->getData() || '' === $event->getData()) {
41+
return;
42+
}
43+
4044
$this->assertNotMapped($event->getForm());
4145

4246
$this->passwords[] = [

src/Symfony/Component/Form/Tests/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtensionTest.php

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@
1313

1414
use PHPUnit\Framework\MockObject\MockObject;
1515
use Symfony\Component\Form\Exception\InvalidConfigurationException;
16+
use Symfony\Component\Form\Extension\Core\Type\FormType;
1617
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
1718
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
1819
use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
@@ -80,6 +81,36 @@ public function testPasswordHashSuccess()
8081
$this->assertSame($user->getPassword(), $hashedPassword);
8182
}
8283

84+
public function testPasswordHashSkippedWithEmptyPassword()
85+
{
86+
$oldHashedPassword = 'PreviousHashedPassword';
87+
88+
$user = new User();
89+
$user->setPassword($oldHashedPassword);
90+
91+
$this->passwordHasher
92+
->expects($this->never())
93+
->method('hashPassword')
94+
;
95+
96+
$this->assertEquals($user->getPassword(), $oldHashedPassword);
97+
98+
$form = $this->factory
99+
->createBuilder(FormType::class, $user)
100+
->add('plainPassword', PasswordType::class, [
101+
'hash_property_path' => 'password',
102+
'mapped' => false,
103+
'required' => false,
104+
])
105+
->getForm()
106+
;
107+
108+
$form->submit(['plainPassword' => '']);
109+
110+
$this->assertTrue($form->isValid());
111+
$this->assertSame($user->getPassword(), $oldHashedPassword);
112+
}
113+
83114
public function testPasswordHashSuccessWithEmptyData()
84115
{
85116
$user = new User();

0 commit comments

Comments
 (0)
0