Fosuserbundle: Avoid Salt generator when using encoders like Bcrypt
This is not a big issue but FOSUserBundle generates and store in db the salt when i use my own Bcrypt encoder but bcrypt doesn't need a salt to be persisted so it's useless
runcom
All 7 comments
Good suggestion. Right now after a doctrine:schema:update i have to manually have to change the salt column to allow null values. I have not been able to override the salt property in any way in the Doctrine ORM. It's said that it should be possible with listeners to the onLoadMetadata event. But it's still a violation in OOP. I have not tried with the listeners yet. For now i just manually change salt to allow null = true in my schema.
flip111
on 2 Jul 2013
Something like this should do the trick:
namespace Acme\DemoBundle\Entity;
use FOS\UserBundle\Model\User as BaseUser
/**
* @ORM\AttributeOverrides({
* @ORM\AttributeOverride(name="salt", column=@ORM\Column(nullable=true))
* })
*/
class User extends BaseUser
{
// ...
}
stof
on 2 Jul 2013
You would think so ... however that's one of the options i have exhausted.
flip111
on 2 Jul 2013
in /vendor/friendsofsymfony/user-bundle/FOS/UserBundle/Model/User.php:
remove all instances of salt and change function like so
public function getSalt()
{
return "";
}
empty strings are good since they evaluate to false in php so it won't get added as a salt parameter for bcrypt so automagic salt generator gets invoked.
vendor/friendsofsymfony/user-bundle/FOS/UserBundle/Resources/config/doctrine/model/User.orm.xml
remove salt field.
boogerlad
on 8 Dec 2013
IMHO we can't fix this, because the symfony encoder method expects a valid salt.
core23
on 28 Sep 2016
@core23 where exactly in the code of FUB is the coupling between the user model and the symfony encoder?
flip111
on 29 Sep 2016
core23
on 1 Oct 2016
Related issues
antoinemineau
路
5Comments
Dine90
路
5Comments
gencer
路
4Comments
Toumm
路
3Comments
karimdev
路
4Comments
Most helpful comment
Something like this should do the trick: