symfony
BonBon Slick, 2020-11-23 13:40:10

What is the point of PasswordEncoderInterface when UserPasswordEncoderInterface exists and is used everywhere?

https://github.com/symfony/symfony/blob/5.x/src/Sy...

UserPasswordEncoderInterface
I don't understand what the first service is for. I have always and everywhere used the second.
I dug into the sources, of course, but did not understand why.
For those who don't know:

if ($encoder->isPasswordValid($user->toPassword()->password(), $typedPassword, $user->getSalt())) {
    return;
}

versus

if (false === $this->passwordEncoder->isPasswordValid($user, $request->get('password'))) {
    return;
}


1 answer(s)
BoShurik, 2020-11-23
@BonBonSlick

UserPasswordEncoderInterface is just sugar for use in simple cases.
For example, you have an entity

class User implements UserInterface
{
    public function __construct(string $username, string $password)
    {
        $this->username = $username;
        $this->password = $password;
    }
}

In this case, $password is not the plainPassword, but the already hashed one.
How do you create such an entity if UserPasswordEncoderInterface requires an instance of this class?
$user = new User($username, $this->encodePassword($plainPassword));

private EncoderFactoryInterface $encoderFactory;
private function encodePassword(string $plainPassword): string
{
    $encoder = $this->encoderFactory->getEncoder(User::class);

    return $encoder->encodePassword($plainPassword, null);
}

To be more precise, the answer to the question "What is the point of PasswordEncoderInterface if there is a UserPasswordEncoderInterface?" is this: it is impossible, without violating the SRP, to implement UserPasswordEncoderInterface without having PasswordEncoderInterface and EncoderFactoryInterface, i.e. this is a higher-level interface than PasswordEncoderInterface.
P.S. The salt does not need to be stored. In this case, it's a vestige from the first versions, when password_hash, which adds metadata next to the hash, was not used. It is enough to create a stub method:
public function getSalt()
{
    return null;
}
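
An added example (not part of the original answer and not Symfony's own code) of why the stub getSalt() loses nothing with password_hash: the bcrypt string carries its own cost and salt, so verification needs only the stored hash. The sample password and the helper describeBcryptHash() are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample input, not a real credential.
$plainPassword = 'correct horse battery staple';

// Hash the same password twice; password_hash() draws a fresh random salt per call.
$hashA = password_hash($plainPassword, PASSWORD_BCRYPT, ['cost' => 12]);
$hashB = password_hash($plainPassword, PASSWORD_BCRYPT, ['cost' => 12]);

/**
 * Hypothetical helper: split a 60-character bcrypt string
 * "$2y$<cost>$<22-char salt><31-char digest>" into its fields.
 */
function describeBcryptHash(string $hash): array
{
    $pattern = '~^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$~';
    if (preg_match($pattern, $hash, $m) !== 1) {
        throw new InvalidArgumentException('Not a bcrypt hash string');
    }

    return ['variant' => $m[1], 'cost' => (int) $m[2], 'salt' => $m[3], 'digest' => $m[4]];
}

$a = describeBcryptHash($hashA);
$b = describeBcryptHash($hashB);

// The salt and cost are stored inside each hash string, next to the digest.
printf("hash A: variant=%s cost=%d salt=%s\n", $a['variant'], $a['cost'], $a['salt']);
printf("hash B: variant=%s cost=%d salt=%s\n", $b['variant'], $b['cost'], $b['salt']);
printf("salts differ between the two hashes: %s\n", var_export($a['salt'] !== $b['salt'], true));

// Verification takes only the candidate password and the stored string:
// no separate salt column, no getSalt() value.
printf("correct password against A: %s\n", var_export(password_verify($plainPassword, $hashA), true));
printf("correct password against B: %s\n", var_export(password_verify($plainPassword, $hashB), true));
printf("wrong password against A:   %s\n", var_export(password_verify('wrong guess', $hashA), true));

// The embedded cost also lets the application detect hashes that should be
// upgraded after a policy change (here: raising the cost from 12 to 13).
printf("A needs rehash at cost 13: %s\n",
    var_export(password_needs_rehash($hashA, PASSWORD_BCRYPT, ['cost' => 13]), true));
```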
