I've hit a dead end here. When I save any kind of entity in my controller, the password and salt of the user that is currently logged in are blanked out in the database.
This is a relevant portion of my security configuration:

    security:
        encoders:
            ISE\LoginBundle\Entity\User:
                algorithm: sha1
                iterations: 1
                encode_as_base64: false
        providers:
            main:
                entity:
                    class: ISE\LoginBundle\Entity\User
                    property: username

This is the eraseCredentials method of my user class. I suspect that at some point this method is called and then the user object is saved to the database with these changes. But I have no idea where that could be:

    class User implements UserInterface {
        // ...
        public function eraseCredentials() {
            $this->password = null;
            $this->salt = null;
        }
        // ...
    }

And this is an example of how I save an entity in one of my controllers, in this case it's the ProductController. Just a reminder: I am not manipulating the User object in my code in any way:

    public function createAction() {
        // ...
        if ($form->isValid()) {
            $em = $this->get('doctrine')->getEntityManager();
            $em->persist($product);
            $em->flush();
            return $this->redirect($this->generateUrl('product_create', array('created' => true)));
        }
        // ...
    }

I wouldn't expect any of this code to delete the user's password or salt in the database, yet exactly that happens. Can anyone help me beat my code into submission?
Symfony has a difference between plaintext and hashed credentials. In "eraseCredentials" you are supposed to delete all the plaintext information, not the hashed credentials that are saved to the database.
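
An added example, not part of the original answer or the asker's code: a user class in which eraseCredentials() clears only a transient plaintext field, so the stored hash and salt are untouched when the entity is flushed later. The stand-in UserInterface, the plainPassword field and the sample values are assumptions made so the file runs without Symfony.

```php
<?php
// Stand-in for Symfony's UserInterface so this file runs with plain `php`
// (assumption for this sketch; in a real project implement Symfony's interface).
interface UserInterface
{
    public function getUsername();
    public function getPassword();
    public function getSalt();
    public function getRoles();
    public function eraseCredentials();
}

class User implements UserInterface
{
    private $username;
    private $password;       // mapped column: stored hash
    private $salt;           // mapped column: stored salt
    private $plainPassword;  // hypothetical unmapped field, never persisted

    public function __construct($username, $hash, $salt)
    {
        $this->username = $username;
        $this->password = $hash;
        $this->salt = $salt;
    }

    public function setPlainPassword($plain) { $this->plainPassword = $plain; }
    public function getPlainPassword() { return $this->plainPassword; }
    public function getUsername() { return $this->username; }
    public function getPassword() { return $this->password; }
    public function getSalt() { return $this->salt; }
    public function getRoles() { return array('ROLE_USER'); }

    // Clear only the transient plaintext. The hash and salt stay intact,
    // so flushing this entity later has nothing to blank out.
    public function eraseCredentials()
    {
        $this->plainPassword = null;
    }
}

// Constructed sample values, not real credentials.
$user = new User('alice', 'constructed-hash-value', 'constructed-salt');
$user->setPlainPassword('constructed plaintext');
$user->eraseCredentials();

if ($user->getPlainPassword() !== null) { throw new RuntimeException('plaintext kept'); }
if ($user->getPassword() !== 'constructed-hash-value') { throw new RuntimeException('hash lost'); }
if ($user->getSalt() !== 'constructed-salt') { throw new RuntimeException('salt lost'); }
```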