代码之家 › 专栏 › 技术社区 › evolmind

如何在使用Sonata Admin(symfony4)创建用户时对密码进行编码?

sonata-admin security symfony

evolmind · 技术社区 · 6 年前

plainPassword 创建用户时使用Sonata Admin字段。我没有使用 FOSUserBundle issue . 这是我的 UserAdmin 班级:

<?php
// src/Admin/UserAdmin.php
namespace App\Admin;

use Sonata\AdminBundle\Admin\AbstractAdmin;
use Sonata\AdminBundle\Datagrid\ListMapper;
use Sonata\AdminBundle\Datagrid\DatagridMapper;
use Sonata\AdminBundle\Form\FormMapper;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\EmailType;
use Symfony\Bridge\Doctrine\Form\Type\EntityType;
use Sonata\AdminBundle\Form\Type\ModelType;
use App\Entity\Image;

class UserAdmin extends AbstractAdmin
{
    protected function configureFormFields(FormMapper $formMapper) {
        $formMapper
            ->add('username', TextType::class)
            ->add('email', EmailType::class)
            ->add('plainPassword', TextType::class)
            ->add('avatar', ModelType::class, [
                'class' => Image::class,
                'property' => 'image',
            ])
        ;
    }

    protected function configureDatagridFilters(DatagridMapper $datagridMapper) {
        $datagridMapper->add('username')
            ->add('avatar', null, [], EntityType::class, [
                'class'    => Image::class,
                'choice_label' => 'image',
            ])
        ;
    }

    protected function configureListFields(ListMapper $listMapper) {
        $listMapper
            ->addIdentifier('username')
        ;
    }

还有我的 services.yaml 包含以下内容:

admin.user:
        class: App\Admin\UserAdmin
        arguments: [~, App\Entity\User, ~]
        tags:
            - { name: sonata.admin, manager_type: orm, label: User }
        public: true

我不知道我是否要重写 preUpdate example 和 prePersist 方法与否。

我的 security.yaml 开头是这样的:

security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt
    # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        #in_memory: { memory: ~ }
        my_db_provider:
            entity:
                class: App\Entity\User

2 回复 | 直到 6 年前

evolmind 6 年前

我找到了一个解决办法:用 prePersist configureFormFields 方法有一点改变,但没有任何后果:

protected function configureFormFields(FormMapper $formMapper) {
    $formMapper
        ->add('username', TextType::class)
        ->add('email', EmailType::class)
        ->add('plainPassword', RepeatedType::class, array(
            'type' => PasswordType::class,
            'first_options' => array('label' => 'Password'),
            'second_options' => array('label' => 'Password confirmation')
        ))
        ->add('avatar', ModelType::class, [
            'class' => Image::class,
            'property' => 'image',
        ])
    ;
}

最后我的方法:

public function prePersist($object) { // $object is an instance of App\Entity\User as specified in services.yaml
    $plainPassword = $object->getPlainPassword();
    $container = $this->getConfigurationPool()->getContainer();
    $encoder = $container->get('security.password_encoder');
    $encoded = $encoder->encodePassword($object, $plainPassword);

    $object->setPassword($encoded);
}

Oscar Manuel Gómez Senovilla 6 年前

通常在提交(和验证)表单之后立即进行密码编码。可能需要在用户控制器类的new和update方法中为加密本身复制两行代码,但仅此而已。