8000 Implemented password migration for the new authenticators · symfony/symfony@fa4b3ec · GitHub
[go: up one dir, main page]
Skip to content

Commit fa4b3ec

Browse files
wouterjwouterj
committed
Implemented password migration for the new authenticators
1 parent 5efa892 commit fa4b3ec

File tree

2 files changed

+18
-2
lines changed

2 files changed

+18
-2
lines changed

src/Symfony/Component/Security/Guard/PasswordAuthenticatedInterface.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@
1111

1212
namespace Symfony\Component\Security\Guard;
1313

14+
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
15+
1416
/**
1517
* An optional interface for "guard" authenticators that deal with user passwords.
1618
*/
@@ -22,4 +24,6 @@ interface PasswordAuthenticatedInterface
2224
* @param mixed $credentials The user credentials
2325
*/
2426
public function getPassword($credentials): ?string;
27+
28+
/* public function getPasswordEncoder(): ?UserPasswordEncoderInterface; */
2529
}

src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProviderTrait.php

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,20 @@ private function authenticateViaGuard($guardAuthenticator, PreAuthenticationGuar
6262

6363
throw new BadCredentialsException(sprintf('Authentication failed because "%s::checkCredentials()" did not return true.', get_debug_type($guardAuthenticator)));
6464
}
65-
if ($this->userProvider instanceof PasswordUpgraderInterface && $guardAuthenticator instanceof PasswordAuthenticatedInterface && null !== $this->passwordEncoder && (null !== $password = $guardAuthenticator->getPassword($token->getCredentials())) && method_exists($this->passwordEncoder, 'needsRehash') && $this->passwordEncoder->needsRehash($user)) {
66-
$this->userProvider->upgradePassword($user, $this->passwordEncoder->encodePassword($user, $password));
65+
66+
if ($guardAuthenticator instanceof PasswordAuthenticatedInterface
67+
&& null !== $password = $guardAuthenticator->getPassword($token->getCredentials())
68+
&& null !== $passwordEncoder = $this->passwordEncoder ?? (method_exists($guardAuthenticator, 'getPasswordEncoder') ? $guardAuthenticator->getPasswordEncoder() : null)
69+
) {
70+
if (method_exists($passwordEncoder, 'needsRehash') && $passwordEncoder->needsRehash($user)) {
71+
if (!isset($this->userProvider)) {
72+
if ($guardAuthenticator instanceof PasswordUpgraderInterface) {
73+
$guardAuthenticator->upgradePassword($user, $guardAuthenticator->getPasswordEncoder()->encodePassword($user, $password));
74+
}
75+
} elseif ($this->userProvider instanceof PasswordUpgraderInterface) {
76+
$this->userProvider->upgradePassword($user, $passwordEncoder->encodePassword($user, $password));
77+
}
78+
}
6779
}
6880
$this->userChecker->checkPostAuth($user);
6981

0 commit comments

Comments
 (0)
0