0
votes

I'm trying to authenticate users in Mysql database generated by Symfony 2. In Security.yml I have this :

security:
    encoders:
        "FOS\UserBundle\Model\UserInterface": sha512

In User Table there is 2 fields : Salt and Password.

All passwords are like that :

YqkYUe0pV/TAw12aG2UcBax0hnJNeHez/S0uBGbnDDBxWD2Yeetqm4DfMn/8WKILIeRpM7ncTJ9coYOiNPGeOA==

I'm working on a webservice to authenticate users using PHP. I don't which functions do I have to use to compare plain password with the encrypted ones?

2
Did you read the documentation? - A.L
Exactly when do you compare plain passwords with encrypted? I am guessing you are being sent encrypted passwords via the web service in the first place? If a password is authenticated from a web service side, the password sent to the web service shouldn't matter. Is this the case? or you are comparing in plain PHP? - Chathushka

2 Answers

0
votes

You have to get the password encoder factory from the container.

You can do so like this :

$factory = $container->get('security.encoder_factory'); //$container refers to your container, it can be also $this->container
$user = new Your\Bundle\Entity\User();

$encoder = $factory->getEncoder($user);
$encodedPassword = $encoder->encodePassword($nonEncodedPassword, $user->getSalt());

This should be enough. Of course you can set "by hand" the second encodePassword parameter as its the salt used to encode all paswords. It's usually defined in your user implementation class, that's why we give here an entity instancied object.