Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 8cd63d0

Browse filesBrowse files
tamirvstamirvs
committed
Added feature doc for named encoders
1 parent 6db5f23 commit 8cd63d0
Copy full SHA for 8cd63d0

File tree

Expand file treeCollapse file tree

1 file changed

+73
-0
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

1 file changed

+73
-0
lines changed
Open diff view settings
Collapse file

‎book/security.rst‎

Copy file name to clipboardExpand all lines: book/security.rst
+73Lines changed: 73 additions & 0 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -1466,6 +1466,79 @@ it as base64. In other words, the password has been greatly obfuscated so
14661466
that the hashed password can't be decoded (i.e. you can't determine the password
14671467
from the hashed password).
14681468

1469+
Named encoders
1470+
..............
1471+
1472+
.. versionadded:: 2.5
1473+
Named encoders were introduced in Symfony 2.5
1474+
1475+
Another option is to set the encoder dynamically on an instance basis.
1476+
In the previous example, you've set the ``sha512`` algorithm for ``Acme\UserBundle\Entity\User``.
1477+
This may be secure enough for a regular user, but what if you want your admins to have
1478+
a stronger algorithm? Let's say ``bcrypt``. This can be done with named encoders:
1479+
1480+
.. configuration-block::
1481+
1482+
.. code-block:: yaml
1483+
1484+
# app/config/security.yml
1485+
security:
1486+
# ...
1487+
encoders:
1488+
harsh:
1489+
algorithm: bcrypt
1490+
cost: 15
1491+
1492+
.. code-block:: xml
1493+
1494+
<!-- app/config/security.xml -->
1495+
<?xml version="1.0" encoding="UTF-8" ?>
1496+
<srv:container xmlns="http://symfony.com/schema/dic/security"
1497+
xmlns:srv="http://symfony.com/schema/dic/services">
1498+
1499+
<config>
1500+
<!-- ... -->
1501+
<encoder class="harsh"
1502+
algorithm="bcrypt"
1503+
cost="15" />
1504+
</config>
1505+
</srv:container>
1506+
1507+
.. code-block:: php
1508+
1509+
// app/config/security.php
1510+
$container->loadFromExtension('security', array(
1511+
// ...
1512+
'encoders' => array(
1513+
'harsh' => array(
1514+
'algorithm' => 'bcrypt',
1515+
'cost' => '15'
1516+
),
1517+
),
1518+
));
1519+
1520+
Now you've created an encoder named ``harsh``. In order for a ``User`` instance to use it,
1521+
It must implement ``EncoderAwareInterface`` and have a method ``getEncoderName`` which returns the
1522+
name of the encoder to use::
1523+
1524+
// src/Acme/UserBundle/Entity/User.php
1525+
namespace Acme\UserBundle\Entity;
1526+
1527+
use Symfony\Component\Security\Core\User\UserInterface;
1528+
use Symfony\Component\Security\Core\Encoder\EncoderAwareInterface;
1529+
1530+
class User implements UserInterface, EncoderAwareInterface
1531+
{
1532+
public function getEncoderName()
1533+
{
1534+
if ($this->isAdmin()) {
1535+
return 'harsh';
1536+
}
1537+
1538+
return null; // use the default encoder
1539+
}
1540+
}
1541+
14691542
Determining the Hashed Password
14701543
...............................
14711544

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.