
I'm using the standard Symfony security configuration for my admin password:

security:
    providers:
        # Users of the in_memory provider are defined entirely by this file.
        # Their credentials are configuration values, so changing one means
        # editing this file rather than calling a setter from application code.
        in_memory:
            memory:
                users:
                    admin:
                        # bcrypt hash (the $2y$12$ prefix matches the encoder settings below).
                        # NOTE(review): if this is the hash of a real account, publishing it
                        # allows offline guessing against it; treat that password as exposed
                        # and replace it.
                        password: $2y$12$.QD1HlEVmeupiIIM3d601urQxd.WsgJyfZ0nJjVAyEn2qQOGpjIHi
                        roles: 'ROLE_ADMIN'
    # Hashing settings applied to Symfony's built-in User class.
    encoders:
        Symfony\Component\Security\Core\User\User:
            algorithm: bcrypt
            # Work factor; the stored hash above was produced with the same cost.
            cost: 12

Now I would like to implement a method to change the password. With some tweaks I managed to get the answer from this question to work for the password checking aspect.

This is my password class. I was forced to make the properties public for now because I kept getting the "Could not determine access type for property" error. Side question: why would this be happening? I had the setters and getters uncommented.

<?php
namespace AppBundle\Security;

use Symfony\Component\Security\Core\Validator\Constraints as SecurityAssert;
use Symfony\Component\Validator\Constraints as Assert;

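/**
 * Form model for the "change password" screen.
 *
 * Carries the two values the form collects; the validation rules are declared
 * in the annotations on each property.
 *
 * The properties stay public because the controller reads
 * `$form->getData()->newPassword` directly. Accessors are provided as well, so
 * the properties can later be made private without touching the form type.
 * The form component needs a way to both read and write every mapped field:
 * the earlier accessor set had no setter for oldPassword, which is the likely
 * cause of the "Could not determine access type for property" error.
 */
class ChangePassword
{
    /**
     * Current password as typed by the user. The UserPassword constraint
     * compares it with the password of the currently authenticated user.
     *
     * @SecurityAssert\UserPassword(
     *     message = "Niepoprawne Haslo"
     * )
     *
     * @var string|null
     */
    public $oldPassword;

    /**
     * New plain-text password. It is only held for the duration of the
     * request and must be hashed before it is stored anywhere.
     *
     * The Length constraint on its own lets a missing or empty value through,
     * and the form's `required` option is only an HTML attribute enforced by
     * the browser, so NotBlank makes the server reject an empty submission.
     *
     * NOTE(review): six characters is a low floor for an administrator
     * account; consider raising `min` (and `minMessage`) to match your
     * password policy.
     *
     * @Assert\NotBlank(
     *     message = "Hasło nie może być puste"
     * )
     * @Assert\Length(
     *     min = 6,
     *     minMessage = "Hasło powinno mieć min. 6 znaków"
     * )
     *
     * @var string|null
     */
    public $newPassword;

    /**
     * Get oldPassword
     *
     * @return string|null
     */
    public function getOldPassword()
    {
        return $this->oldPassword;
    }

    /**
     * Set oldPassword
     *
     * @param string|null $oldPassword
     *
     * @return $this
     */
    public function setOldPassword($oldPassword)
    {
        $this->oldPassword = $oldPassword;

        return $this;
    }

    /**
     * Get newPassword
     *
     * @return string|null
     */
    public function getNewPassword()
    {
        return $this->newPassword;
    }

    /**
     * Set newPassword
     *
     * @param string|null $newPassword
     *
     * @return $this
     */
    public function setNewPassword($newPassword)
    {
        $this->newPassword = $newPassword;

        return $this;
    }
}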

My type:

<?php
namespace AppBundle\Form;

use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolverInterface;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use AppBundle\Security\ChangePassword;


/**
 * Form type for the "change password" screen: one field for the current
 * password, a repeated field for the new one, and a submit button.
 */
class ChangePasswordType extends AbstractType
{
    /**
     * Registers the three form children on the builder.
     *
     * @param FormBuilderInterface $builder builder the fields are added to
     * @param array                $options resolved form options (unused here)
     */
    public function buildForm(FormBuilderInterface $builder, array $options)
    {
        // Current password; the model's validation constraint decides whether it is accepted.
        $builder->add('oldPassword', PasswordType::class, [
            'label' => 'Stare Hasło',
        ]);

        // New password, typed twice. 'required' only sets the HTML attribute;
        // it is not a server-side check, so the model's constraints must
        // reject an empty value.
        $builder->add('newPassword', RepeatedType::class, [
            'type' => PasswordType::class,
            'invalid_message' => 'Hasła nie pasują do siebie',
            'required' => true,
            'first_options' => ['label' => 'Nowe Hasło'],
            'second_options' => ['label' => 'Wprowadź ponownie'],
        ]);

        $builder->add('save', SubmitType::class, [
            'label' => 'Zmień Hasło',
            'attr' => ['class' => 'btn btn-danger'],
        ]);
    }

    /**
     * Binds the form to the ChangePassword model.
     *
     * NOTE(review): setDefaultOptions()/OptionsResolverInterface belong to the
     * older form-type API; later Symfony releases call
     * configureOptions(OptionsResolver $resolver) instead. Confirm against the
     * installed version that this method is actually invoked.
     *
     * @param OptionsResolverInterface $resolver resolver receiving the defaults
     */
    public function setDefaultOptions(OptionsResolverInterface $resolver)
    {
        $defaults = [
            'data_class' => 'AppBundle\Security\ChangePassword',
        ];

        $resolver->setDefaults($defaults);
    }

    /**
     * Returns the name of this form type.
     *
     * NOTE(review): later Symfony releases replace getName() with
     * getBlockPrefix() — confirm against the installed version.
     *
     * @return string
     */
    public function getName()
    {
        return 'change_passwd';
    }
}

And finally the controller:

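/**
 * Displays the change-password form and, on a valid submission, hashes the
 * new password and sets it on the current user.
 *
 * The form's validation has already checked the old password against the
 * logged-in user by the time isValid() returns true.
 *
 * @param Request $request current HTTP request
 *
 * @return mixed the rendered form page (whatever render() returns)
 *
 * @throws \LogicException when the current user object cannot accept a new
 *                         password (e.g. a user defined in configuration)
 */
public function adminChangePasswdAction(Request $request)
{
    $changePasswordModel = new ChangePassword();
    $form = $this->createForm(ChangePasswordType::class, $changePasswordModel);

    $form->handleRequest($request);

    if ($form->isSubmitted() && $form->isValid()) {
        $user = $this->getUser();

        // A user that comes from the in-memory provider is built from
        // configuration and exposes no setPassword(); calling it would be a
        // fatal "undefined method" error. Fail with an explicit message
        // instead, so the cause is visible in the logs.
        if (!is_object($user) || !method_exists($user, 'setPassword')) {
            throw new \LogicException(
                'The current user does not support password changes. Users defined in '
                . 'configuration cannot be modified at runtime; use a user provider backed '
                . 'by persistent storage.'
            );
        }

        // Plain-text value: keep it out of logs, error messages and the session.
        $plainPassword = $form->getData()->newPassword;
        $encoder = $this->container->get('security.password_encoder');
        $encoded = $encoder->encodePassword($user, $plainPassword);

        // Only the hash is kept on the user object.
        // NOTE(review): this changes the object for the current request only;
        // saving it to the user store is not done here and depends on the
        // provider in use.
        $user->setPassword($encoded);

        // Redirect left disabled as in the original; redirecting after a
        // successful change avoids the form being re-submitted on reload.
        //return $this->redirect($this->generateUrl('admin-panel'));
    }

    return $this->render('admin/changepasswd.html.twig', array(
        'form' => $form->createView(),
    ));
}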

But as you can easily guess the $user->setPassword($encoded); portion is not working because the user class does not have a setPassword method.

What would be the proper way to set the password? Is it even possible?

2
  • 2
    I think this kills the purpose of in-memory passwords; you cannot change in-memory passwords. If you want to do so, define a proper User entity and implement the above logic there. Commented Mar 9, 2017 at 4:24
  • 1
    Other option is to open security.yml and edit the password right there Commented Mar 9, 2017 at 4:31
