Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
BonBon Slick2020-11-23 13:40:10
symfony
BonBon Slick, 2020-11-23 13:40:10

What is the point of PasswordEncoderInterface when UserPasswordEncoderInterface exists and is used everywhere?

https://github.com/symfony/symfony/blob/5.x/src/Sy...

UserPasswordEncoderInterface
I don't understand what the first service is for. Always and everywhere used the second.
I dug into the sources, of course, but did not understand why.
For those who don't know

if ($encoder->isPasswordValid($user->toPassword()->password(), $typedPassword, $user->getSalt())) {
            return;
                }
        }


Against
if (false === $this->passwordEncoder->isPasswordValid($user, $request->get('password'))) {
            return;
        }

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
B
BoShurik, 2020-11-23
@BonBonSlick

UserPasswordEncoderInterface- just sugar when used in simple cases.
For example, you have an entity

class User implements UserInterface
{
    public function __construct(string $username, string $password)
    {
        $this->username = $username;
        $this->password = $password;
    }
}

In this case $password, this is not plainPassword, but already hashed.
How to create such an entity if it UserPasswordEncoderInterfacerequires an instance of this class?
$user = new User($username, $this->encodePassword($plainPassword));

private EncoderFactoryInterface $encoderFactory;
private function encodePassword(string $plainPassword): string
{
    $encoder = $this->encoderFactory->getEncoder(User::class);

    return $encoder->encodePassword($plainPassword, null);
}

To be more precise, the answer to the question "What is the point of PasswordEncoderInterface if there is a UserPasswordEncoderInterface?" - it is impossible, without violating the SRP, to implement UserPasswordEncoderInterfacewithout having PasswordEncoderInterfaceand EncoderFactoryInterface, i.e. this is a higher level interface than PasswordEncoderInterface
PS Salt does not need to be stored. In this case, it's a vestige from the first versions, when password_hash was not used, which adds metadata next to the hash. It is enough to create a stub method:
public function getSalt()
{
    return null;
}

Similar questions
W
wini6662017-08-26 14:36:44
How to make .then work inside a Promise? 2Reply
K
Karim Karimov2015-06-08 21:29:28
How many and what level of projects does a web developer portfolio require? 3Reply
P
postgresdev2019-10-23 21:28:50
How to get the number of updated rows after calling executeQuery in Symfony? 1Reply
S
Smoren2021-04-26 12:47:58
Is there an analogue of modules in symfony as in yii2? 1Reply
1
1alexandr2015-06-15 05:13:07
How to connect elfinder and tinymce in symfony2? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question