如何检查一个用户名/密码组合对FOS UserBundle是否有效?[英] How to check if a username/password combination is valid for FOS UserBundle

本文是小编为大家收集整理的关于如何检查一个用户名/密码组合对FOS UserBundle是否有效?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。

问题描述

我们目前正在使用Symfony 2和FOS/USERBUNDLE进行用户身份验证.

我想检查给定的用户名/密码组合是否有效而无需登录.这是因为目前登录了另一个人,但是例如,需要采取特定的操作,需要较高许可的人需要执行.

基本上,我希望另一个用户除了当前记录的人外执行其他控制器操作.

如果有更好的方法,请让我知道

推荐答案

如何从控制器#696

public function validUser($username, $password){

    $user = new Users();    //entity

    $factory = $this->get('security.encoder_factory');
    $encoder = $factory->getEncoder($user);

    $bool = $encoder->isPasswordValid($user->getPassword(),$password,$user->getSalt());
}

其他推荐答案

Symfony 5.4

可以使用 userpasswordhasherinterface

进行密码验证
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

class AuthenticaitonServices
{    
    public function __construct(UserPasswordHasherInterface $passwordHasher)
    {
        $this->hasher = $passwordHasher;
    }

    public function validate($request)
    {
         $form = [
            "username" => $request->request->get("_username"),
            "password" => $request->request->get("_password")
         ];

         if(!$this->hasher->isPasswordValid($user, $form['password']))
         {
             // Incorrect Password
         } else {
             // Correct Password
         }

ispasswordvalid 返回bool响应

捆绑包在较新的Symfony版本中不再可用.上面的代码用于验证从登录表单

发布的密码

希望这很有帮助.

本文地址:https://www.itbaoku.cn/post/2090785.html

问题描述

We are currently using Symfony 2 and FOS/UserBundle for user authentication.

I want to check if a given username/password combination is valid without logging in. This is because another person is currently logged in but for example needs to do a specific action which needs to be done by someone with a higher clearance.

Basically I want another user to do a different controller action besides the person that is currently logged.

If there's a better way of doing this please let me know

推荐答案

How can validate username and password from controller #696

public function validUser($username, $password){

    $user = new Users();    //entity

    $factory = $this->get('security.encoder_factory');
    $encoder = $factory->getEncoder($user);

    $bool = $encoder->isPasswordValid($user->getPassword(),$password,$user->getSalt());
}

其他推荐答案

Symfony 5.4

Password validation can be done using UserPasswordHasherInterface

use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;

class AuthenticaitonServices
{    
    public function __construct(UserPasswordHasherInterface $passwordHasher)
    {
        $this->hasher = $passwordHasher;
    }

    public function validate($request)
    {
         $form = [
            "username" => $request->request->get("_username"),
            "password" => $request->request->get("_password")
         ];

         if(!$this->hasher->isPasswordValid($user, $form['password']))
         {
             // Incorrect Password
         } else {
             // Correct Password
         }

isPasswordValid returns a bool response

Bundles are not longer available in newer Symfony versions. Above code is for validating password posted from a login form

Hope this is helpful.