NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commit8cd63d0

committed

Added feature doc for named encoders

1 parent6db5f23 commit8cd63d0Copy full SHA for 8cd63d0

File tree

1 file changed

+73

-0

lines changed

book
- security.rst

1 file changed

+73

-0

lines changed

`‎book/security.rst`

Lines changed: 73 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1466,6 +1466,79 @@ it as base64. In other words, the password has been greatly obfuscated so`
`1466`	`1466`	`that the hashed password can't be decoded (i.e. you can't determine the password`
`1467`	`1467`	`from the hashed password).`
`1468`	`1468`
	`1469`	`+Named encoders`
	`1470`	`+..............`
	`1471`	`+`
	`1472`	`+..versionadded::2.5`
	`1473`	`+ Named encoders were introduced in Symfony 2.5`
	`1474`	`+`
	`1475`	`+Another option is to set the encoder dynamically on an instance basis.`
	`1476`	+In the previous example, you've set the ``sha512`` algorithm for ``Acme\UserBundle\Entity\User``.
	`1477`	`+This may be secure enough for a regular user, but what if you want your admins to have`
	`1478`	+a stronger algorithm? Let's say ``bcrypt``. This can be done with named encoders:
	`1479`	`+`
	`1480`	`+..configuration-block::`
	`1481`	`+`
	`1482`	`+ ..code-block::yaml`
	`1483`	`+`
	`1484`	`+# app/config/security.yml`
	`1485`	`+security:`
	`1486`	`+# ...`
	`1487`	`+encoders:`
	`1488`	`+harsh:`
	`1489`	`+algorithm:bcrypt`
	`1490`	`+cost:15`
	`1491`	`+`
	`1492`	`+ ..code-block::xml`
	`1493`	`+`
	`1494`	`+<!-- app/config/security.xml-->`
	`1495`	`+ <?xml version="1.0" encoding="UTF-8" ?>`
	`1496`	`+ <srv:containerxmlns="http://symfony.com/schema/dic/security"`
	`1497`	`+xmlns:srv="http://symfony.com/schema/dic/services">`
	`1498`	`+`
	`1499`	`+ <config>`
	`1500`	`+<!-- ...-->`
	`1501`	`+ <encoderclass="harsh"`
	`1502`	`+algorithm="bcrypt"`
	`1503`	`+cost="15" />`
	`1504`	`+ </config>`
	`1505`	`+ </srv:container>`
	`1506`	`+`
	`1507`	`+ ..code-block::php`
	`1508`	`+`
	`1509`	`+ // app/config/security.php`
	`1510`	`+ $container->loadFromExtension('security', array(`
	`1511`	`+ // ...`
	`1512`	`+ 'encoders' => array(`
	`1513`	`+ 'harsh' => array(`
	`1514`	`+ 'algorithm' => 'bcrypt',`
	`1515`	`+ 'cost' => '15'`
	`1516`	`+ ),`
	`1517`	`+ ),`
	`1518`	`+ ));`
	`1519`	`+`
	`1520`	+Now you've created an encoder named ``harsh``. In order for a ``User`` instance to use it,
	`1521`	+It must implement ``EncoderAwareInterface`` and have a method ``getEncoderName`` which returns the
	`1522`	`+name of the encoder to use::`
	`1523`	`+`
	`1524`	`+ // src/Acme/UserBundle/Entity/User.php`
	`1525`	`+ namespace Acme\UserBundle\Entity;`
	`1526`	`+`
	`1527`	`+ use Symfony\Component\Security\Core\User\UserInterface;`
	`1528`	`+ use Symfony\Component\Security\Core\Encoder\EncoderAwareInterface;`
	`1529`	`+`
	`1530`	`+ class User implements UserInterface, EncoderAwareInterface`
	`1531`	`+ {`
	`1532`	`+ public function getEncoderName()`
	`1533`	`+ {`
	`1534`	`+ if ($this->isAdmin()) {`
	`1535`	`+ return 'harsh';`
	`1536`	`+ }`
	`1537`	`+`
	`1538`	`+ return null; // use the default encoder`
	`1539`	`+ }`
	`1540`	`+ }`
	`1541`	`+`
`1469`	`1542`	`Determining the Hashed Password`
`1470`	`1543`	`...............................`
`1471`	`1544`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit8cd63d0

File tree

1 file changed

1 file changed

`‎book/security.rst`

0 commit comments