4

I made a simple registration form with the form builder. It seems I did everything exactly as in the documentation and articles, but I still can't get passwords stored in the database as anything other than plain text.

Here are some files; please help me.

security.yml: http://pastebin.com/4FwBaZQK
Acme\UserBundle\Entity\User: http://pastebin.com/iUGd4Cz1
Acme\SecurityBundke\Controller\SecurityController: http://pastebin.com/wTVy2zE2

1 Answer

15

Check out the documentation on encoding user passwords.

The code snippet from the documentation should be applied to the user object after it's bound, but before it's persisted and flushed (so between lines 45 and 46 in your Security controller):

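```php
// Encoder factory service, configured by the "encoders" section of security.yml.
$factory = $this->get('security.encoder_factory');
// Leading backslash so the class name resolves from inside a namespaced controller.
// In the registration action this is the user object already bound from the form.
$user = new \Acme\UserBundle\Entity\User();

// Pick the encoder configured for this user class and replace the plain-text
// password with its encoded form before the entity is persisted and flushed.
$encoder = $factory->getEncoder($user);
$password = $encoder->encodePassword($user->getPassword(), $user->getSalt());
$user->setPassword($password);
```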
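The same step wrapped in a small service, with a per-user random salt set before encoding. This is an added example, not code from the original answer or from Symfony: the class name `UserPasswordHasher`, its namespace and the entity's `setSalt()`/`setPassword()` setters are assumptions, and it targets Symfony 2.x with the OpenSSL extension loaded.

```php
<?php
// Added example (not from the original post). Assumes Symfony 2.x and a User
// entity that implements UserInterface and has setSalt() and setPassword().
namespace Acme\UserBundle\Security;

use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\User\UserInterface;

class UserPasswordHasher // hypothetical service class
{
    private $encoderFactory;

    public function __construct(EncoderFactoryInterface $encoderFactory)
    {
        $this->encoderFactory = $encoderFactory;
    }

    /**
     * Replaces the plain-text password bound from the form with its encoded
     * form. Call after the form is bound and valid, before persist()/flush().
     */
    public function hashPassword(UserInterface $user)
    {
        $plain = $user->getPassword();
        if ($plain === null || $plain === '') {
            throw new \InvalidArgumentException('Refusing to encode an empty password.');
        }

        // Fresh random salt for this user, stored hex-encoded next to the hash.
        // Without this, getSalt() on a new entity returns nothing useful.
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes === false || !$strong) {
            throw new \RuntimeException('No cryptographically strong random source available.');
        }
        $user->setSalt(bin2hex($bytes));

        // The encoder is chosen from the "encoders" section of security.yml.
        $encoder = $this->encoderFactory->getEncoder($user);
        $user->setPassword($encoder->encodePassword($plain, $user->getSalt()));
    }
}
```

Register the class as a service with `@security.encoder_factory` as its constructor argument and call `hashPassword($user)` in the controller just before persisting. Call it only when a new plain-text password has been set, since running it on an already encoded value hashes the hash and locks the user out.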

4 Comments

I suppose you could implement a Doctrine event listener to do this behind the scenes before an entity is persisted.
I created a short gist that you can use as a service to preserve separation of concerns. You could even extend it a little bit to take the user as a reference and modify the password inline, if you wanted to streamline the process in your controller.
Thank you! Will try to obtain the factory in the controller and pass to setPassword as optional parameter.
Where will the salt come from? $user->getSalt() will just return an empty string the first time for me
