ogizanagi/encodpwd-command-bundle

Provides a simple command to get encoded password following the security configured encoders.

Saturday, October 18, 2014
by ogizanagi
Repository
1 Watchers
0 Stars
21 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
3 Versions
0 % Grown

Encod Password Command Bundle

Description

Provides a simple command to get encoded password following the security configured encoders., _(*1)

Installation

Add the following dependency to your composer.json file:, _(*2)

``` json { "require": { "_other_packages": "...", "ogizanagi/encodpwd-command-bundle": "dev-master" } }, _(*3)


Run composer update for this package, and add the following lines to your `AppKernel.php`:

``` php
<?php
// app/AppKernel.php

public function registerBundles()
{
    $bundles = array(
        // ...
        new Ogi\EncodPwdCommandBundle\OgiEncodPwdCommandBundle(),
    );
}

Usage

Considering the following configuration:, _(*4)

``` yaml, _(*5)

security.yml----------------------

security: encoders: Acme\UserBundle\Entity\User: sha512 FOS\UserBundle\Model\UserInterface: sha1 Symfony\Component\Security\Core\User\User: pbkdf2, _(*6)


The `Symfony\Component\Security\Core\User\User` is used for in_memory user provider is the main use case for this command (we don't want a plaintext password and need to generate it at application deployment:

``` yaml
#security.yml----------------------
security:
    encoders:
        ...

    providers:
        fos_users:
            id: fos_user.user_provider.username_email
        admin:
            memory:
                users:
                    - { name: %main_admin_login%, password: %main_admin_password%, roles: ['ROLE_ADMIN', 'ROLE_SUPER_ADMIN'] }
        custom_user:
            id: acme_user.user.provider

``` yaml, _(*7)

parameters.yml----------------------

This file is auto-generated during the composer install

parameters: database_driver: pdo_mysql database_host: 127.0.0.1 ... main_admin_login: admin main_admin_password: e6P2xrFqA62TIb5E9wwB1+HxE6P/W1Auy7Xx3V8Oy1a8G99NmXz9pg== #'admin' encoded with pbkdf2 ..., _(*8)


You could use the following command to generate an encoded password for given user type, which default is `Symfony\Component\Security\Core\User\User` :

php app/console ogi:pwd_encode {PASSWORD} [--salt|-s {SALT}] [--user-class|-uc {USER_CLASS}], _(*9)


where `{PASSWORD}` is the plaintext password you want to encode.  

The result will be something like:

Encoding password...
Your encoded password: e6P2xrFqA62TIb5E9wwB1+HxE6P/W1Auy7Xx3V8Oy1a8G99NmXz9pg==, _(*10)


You can call `--help` option to get more infos: 

>Arguments:  
    - password              Password to encode.  
Options:  
    - --salt (-sa)                  User salt.  
    - --user-class (-uc)            The user class for which we want to generate password. (default: "Symfony\\Component\\Security\\Core\\User\\User")  


Example for à `FOS\UserBundle\Model\UserInterface` user :

php bin/console ogi:pwd_encode p@ssw0rd --salt s@lt --user-class "FOS\UserBundle\Model\UserInterface" Encoding password... Your encoded password: a+1+g+m/ZK6G/tzE8C5ZRu7n/RM= ```, _(*11)

Improvements

The following improvements could be made:, _(*12)

Improve errors handling.
Allow to generate a password for a given user and update it in database and/or in configuration for in_memory users ?
Interactive prompt to chose an user class & co.
Any other suggested improvements.