Password migration issue

The dummy user's credentials:

Username: [email protected]
Password: secret

Setup

Run make up to start the Docker containers
Run make setup-database to create the DB schema and load fixtures
The app is available at http://localhost:8080

Flow 1:

Go to http://localhost:8080/login
Log in using the credentials from above

Symfony will use legacy_md5_password_encoder because the User entity implements PasswordHasherAwareInterface. The legacy hasher's needsRehash always returns true so Symfony will re-hash the user's plaintext password using the legacy hasher.

Flow 2:

Remove the PasswordHasherAwareInterface implementation from src/Entity/User.php
Go to http://localhost:8080/login
Log in using the credentials from above

Symfony will now use vendor/symfony/password-hasher/Hasher/MigratingPasswordHasher.php to verify the given password because it doesn't seem to know this user needs to use the legacy hasher. Login fails due to usage of wrong hasher.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
bin		bin
config		config
docker		docker
migrations		migrations
public		public
src		src
templates		templates
.env		.env
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
composer.json		composer.json
composer.lock		composer.lock
docker-compose.yml		docker-compose.yml
symfony.lock		symfony.lock

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Password migration issue

Setup

Flow 1:

Flow 2:

About

Releases

Packages

Languages

guusfrenken-wk/pw-migration-issue

Folders and files

Latest commit

History

Repository files navigation

Password migration issue

Setup

Flow 1:

Flow 2:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages