feature Sylius#10084 Password hashing - update encoder on login (pamil)
This PR was merged into the 1.4-dev branch. Discussion ---------- | Q | A | --------------- | ----- | Branch? | 1.4 | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Related tickets | closes Sylius#9560, related to Sylius#10080 | License | MIT TODO: - [x] Functional test at the application level which updates the encoder and password of logged in user <!-- - Bug fixes must be submitted against the 1.2 or 1.3 branch (the lowest possible) - Features and deprecations must be submitted against the master branch - Make sure that the correct base branch is set --> Commits ------- d05d8aa Specify an listener to update the encoded password on login e58b202 Register the listener updating users' encoder b79be03 Add encoder name to serialised user data 93d7aed Add functional test for update password encoder listener 722ba00 Set "argon2i" as the default encoder f2e6896 Setup seamless change to argon2i d02581b Make test compatibile with Symfony 3.4 62eb4ab Mock what you own in encoder listener spec
Showing
12 changed files
with
517 additions
and
20 deletions.
|
@@ -12,6 +12,3 @@ parameters: | |
sylius_shop: | ||
product_grid: | ||
include_all_descendants: true | ||
|
||
sylius_user: | ||
encoder: argon2i |
@@ -0,0 +1,3 @@ | ||
security: | ||
encoders: | ||
sha512: sha512 |
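Review bot: The new `sha512: sha512` entry under `security.encoders` has no comment explaining why a plain digest encoder is registered in a change that moves the default to argon2i. Going by the commit description, it is presumably kept so that users whose stored encoder name is still `sha512` can authenticate once and be re-encoded at login; that is inferred, not shown in this section. I would add a comment above the entry such as `# legacy encoder: only for verifying existing hashes until they are upgraded on login; do not use for new passwords`.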
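--- a/src/Sylius/Bundle/UserBundle/EventListener/UpdateUserEncoderListener.php
+++ b/src/Sylius/Bundle/UserBundle/EventListener/UpdateUserEncoderListener.php
@@ -0,0 +1,80 @@
+<?php
+
+/*
+* This file is part of the Sylius package.
+*
+* (c) Paweł Jędrzejewski
+*
+* For the full copyright and license information, please view the LICENSE
+* file that was distributed with this source code.
+*/
+
+declare(strict_types=1);
+
+namespace Sylius\Bundle\UserBundle\EventListener;
+
+use Doctrine\Common\Persistence\ObjectManager;
+use Sylius\Component\User\Model\UserInterface;
+use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
+
+final class UpdateUserEncoderListener
+{
+/** @var ObjectManager */
+private $objectManager;
+
+/** @var string */
+private $recommendedEncoderName;
+
+/** @var string */
+private $className;
+
+/** @var string */
+private $interfaceName;
+
+/** @var string */
+private $passwordParameter;
+
+public function __construct(
+ObjectManager $objectManager,
+string $recommendedEncoderName,
+string $className,
+string $interfaceName,
+string $passwordParameter
+) {
+$this->objectManager = $objectManager;
+$this->recommendedEncoderName = $recommendedEncoderName;
+$this->className = $className;
+$this->interfaceName = $interfaceName;
+$this->passwordParameter = $passwordParameter;
+}
+
+public function onSecurityInteractiveLogin(InteractiveLoginEvent $event): void
+{
+$user = $event->getAuthenticationToken()->getUser();
+
+if (!$user instanceof UserInterface) {
+return;
+}
+
+if (!$user instanceof $this->className || !$user instanceof $this->interfaceName) {
+return;
+}
+
+if ($user->getEncoderName() === $this->recommendedEncoderName) {
+return;
+}
+
+$request = $event->getRequest();
+
+$plainPassword = $request->request->get($this->passwordParameter);
+if (null === $plainPassword || '' === $plainPassword) {
+return;
+}
+
+$user->setEncoderName($this->recommendedEncoderName);
+$user->setPlainPassword($plainPassword);
+
+$this->objectManager->persist($user);
+$this->objectManager->flush();
+}
+}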
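Review bot: In onSecurityInteractiveLogin the value read from `$request->request->get($this->passwordParameter)` is stored as the user's new password with no check that it is the credential that actually authenticated this login. InteractiveLoginEvent is not specific to form login, so if the listener is registered on a firewall that also has another interactive authenticator (the service wiring is not visible in this section), a POST field with that name would silently replace the stored password. I would inject the encoder factory and return early unless the current encoder's `isPasswordValid($user->getPassword(), $plainPassword, $user->getSalt())` holds, so only a verified password is re-encoded. Separately, the parameter bag can return an array, which under strict_types would make a string-typed setPlainPassword() throw after a successful login; the guard should read `if (!is_string($plainPassword) || '' === $plainPassword) { return; }`.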