我正在使用 EasyAdmin 添加/编辑用户,并想问是否有可能加密您的密码?以前我使用 Symfony 4 make:registration-form 时密码加密有效,但我现在不能使用它,我必须使用 EasyAdmin。
easy_admin.yaml
easy_admin:
entities:
User:
class: App\Entity\User
password_encoding: { algorithm: 'bcrypt', cost: 12 }
(实际)我进入EasyAdmin页面(/admin),点击用户,添加用户,填写邮箱(test@gmail.com)和密码(test),点击保存更改。
现在用户存储在数据库中,但使用明文密码。
(预期)上述所有内容,但密码已加密。
与 Symfony 5 兼容的新版本:
<?php
namespace App\Controller;
use App\Entity\User;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;
class AdminController extends EasyAdminController
{
protected function persistUserEntity($user)
{
$encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
$user->setPassword($encodedPassword);
parent::persistEntity($user);
}
protected function updateUserEntity($user)
{
$encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
$user->setPassword($encodedPassword);
parent::updateEntity($user);
}
private function encodePassword($user, $password)
{
$passwordEncoderFactory = new EncoderFactory([
User::class => new MessageDigestPasswordEncoder('sha512', true, 5000)
]);
$encoder = $passwordEncoderFactory->getEncoder($user);
return $encoder->encodePassword($password, $user->getSalt());
}
}
EasyAdminController:<?php
declare(strict_types=1);
namespace App\Controller;
use App\Entity\User;
use EasyCorp\Bundle\EasyAdminBundle\Controller\EasyAdminController;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
/**
* Class AdminController.
*
* @author Dmitriy Atamaniuc <d.atamaniuc@gmail.com>
*/
final class AdminController extends EasyAdminController
{
private UserPasswordEncoderInterface $encoder;
private function setUserPlainPassword(User $user): void
{
if ($user->getPlainPassword()) {
$user->setPassword($this->encoder->encodePassword($user, $user->getPlainPassword()));
}
}
/**
* @required
*/
public function setEncoder(UserPasswordEncoderInterface $encoder): void
{
$this->encoder = $encoder;
}
public function persistUserEntity(User $user): void
{
$this->setUserPlainPassword($user);
$this->persistEntity($user);
}
public function updateUserEntity(User $user): void
{
$this->setUserPlainPassword($user);
$this->updateEntity($user);
}
}
config/routes/easy_admin.yaml:easy_admin_bundle:
resource: 'App\Controller\AdminController'
prefix: /admin
type: annotation
plainPassword“虚拟”属性添加到您的User实体:/**
* @Assert\NotBlank()
* @Assert\Length(min=5, max=128)
*/
private ?string $plainPassword = null;
public function getPlainPassword(): ?string
{
return $this->plainPassword;
}
public function setPlainPassword(string $password): void
{
$this->plainPassword = $password;
}
easy_admin.yamleasy_admin:
entities:
User:
class: App\Entity\User
label: label.user
new:
title: field.user.add_new
fields:
# some fields like username here
- { property: username, label: field.user.username }
- { property: fullname, label: field.user.fullname, type: 'text' }
# plain password
- { property: plainPassword, label: field.user.password, type: 'password' }
扩展 EasyAdmin 控制器并处理用户实体。像这样的东西:
namespace AppBundle\Controller\Admin;
use EasyCorp\Bundle\EasyAdminBundle\Controller\AdminController as BaseAdminController;
use AppBundle\Entity\User;
class AdminController extends BaseAdminController
{
protected function prePersistUserEntity(User $user)
{
$encodedPassword = $this->encodePassword($user, $user->getPassword());
$user->setPassword($encodedPassword);
}
protected function preUpdateUserEntity(User $user)
{
if (!$user->getPlainPassword()) {
return;
}
$encodedPassword = $this->encodePassword($user, $user->getPlainPassword());
$user->setPassword($encodedPassword);
}
private function encodePassword($user, $password)
{
$passwordEncoderFactory = $this->get('security.encoder_factory');
$encoder = $passwordEncoderFactory->getEncoder($user);
return $encoder->encodePassword($password, $user->getSalt());
}
}