visit our site

How to Create a Custom Symfony2 Password Encoder

In PHP and Symfony

by Dragos Holban on October 12, 2015

As you advance through your Symfony2 developer life, you will probably encounter the need to create a custom password encoder for you Symfony2 project. One of the most common reasons to do this, is when you migrate from an old project (different technology) and you have to keep users together with their working passwords. As you probably cannot find out the plain passwords to be able to just save them to your new database, you will need to replicate the algorithm used to encode them so they will keep working when the transition is over.

In order to add a new, custom, password encoder to your Symfony2 project, you will need to create the encoder class, register it as a service and then specify it in the security.yml configuration file of your project.

Below you will find the necessary code to implement this:

 

AppBundle/Security/Core/Encoder/MyPasswordEncoder.php

 

app/config/services.yml

 

app/config/security.yml

 

2 Replies to “How to Create a Custom Symfony2 Password Encoder”

  1. The method isPasswordValid() should call the encodePassword and catch the exception to return false in case it is thrown, so to avoid code repetition, we are encoding the password twice: sha1($this->mergePasswordAndSalt($raw, $salt)); is called in two different places, a clear violation of the DRY principle.

Leave a Reply

Your email address will not be published. Required fields are marked *

+1
Share
Tweet
Share
Stumble
Pin