Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

[SecurityBundle] register alias for argument for password hasher#60371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
chalasr merged 2 commits intosymfony:7.4fromlyrixx:security-password-hasher
Jun 11, 2025

Conversation

@lyrixx
Copy link
Member

@lyrixxlyrixx commentedMay 7, 2025
edited
Loading

QA
Branch?7.3
Bug fix?no
New feature?yes
Deprecations?no
Issues
LicenseMIT

This is a new feature, but I want to gather feedback before finishing the PR (meta + doc + test)

I need to hash some sensitive data in my database (2FA recovery code).
They are not tied to a specific class. So I need a "raw hasher".

ATM, I'm able to write:

security:password_hashers:Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:'auto'recovery_code:auto

But to get it, I need to write:

publicfunction homepage(PasswordHasherFactoryInterface$p):Response    {$password ='password';$hash =$p->getPasswordHasher('recovery_code')->hash($password);dd($hash);

There is an extra steps here (low of demeter...)

With this PR, I propose an alternative:

class HomepageControllerextends AbstractController{publicfunction__construct(        #[Target('recovery_code')]privatereadonlyPasswordHasherInterface$passwordHasher,    ) {    }    #[Route('/')]publicfunction index():Response    {dd($this->passwordHasher->hash('aaa'));

DX is extra smooth. If I forgot theTarget Attribute:

image

chalasr reacted with heart emoji
@lyrixxlyrixxforce-pushed thesecurity-password-hasher branch from2216356 to576f604CompareMay 14, 2025 09:10
@lyrixx
Copy link
MemberAuthor

@nicolas-grekas I addressed your comments, added tests, and updated CHANGELOG.md

@lyrixxlyrixxforce-pushed thesecurity-password-hasher branch from576f604 to9b50bc9CompareMay 14, 2025 09:11
@lyrixxlyrixxforce-pushed thesecurity-password-hasher branch from9b50bc9 toc6051e3CompareMay 14, 2025 09:38
Copy link
Member

@chalasrchalasr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Great 👍

@fabpotfabpot modified the milestones:7.3,7.4May 26, 2025
@stof

This comment was marked as resolved.

@lyrixx

This comment was marked as resolved.

@lyrixx

This comment was marked as resolved.

@lyrixxlyrixx reopened thisJun 4, 2025
@chalasr
Copy link
Member

Thank you@lyrixx.

@chalasrchalasr merged commit4331e59 intosymfony:7.4Jun 11, 2025
11 checks passed
@lyrixxlyrixx deleted the security-password-hasher branchAugust 6, 2025 15:53
This was referencedOct 27, 2025
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@fabpotfabpotfabpot requested changes

@chalasrchalasrchalasr requested changes

@nicolas-grekasnicolas-grekasnicolas-grekas approved these changes

@stofstofstof approved these changes

Assignees

No one assigned

Projects

None yet

Milestone

7.4

Development

Successfully merging this pull request may close these issues.

6 participants

@lyrixx@stof@chalasr@fabpot@nicolas-grekas@carsonbot
[8]ページ先頭
©2009-2025 Movatter.jp