dongmou5628
2014-08-16 00:15
浏览 19
已采纳

在Symfony2应用程序中验证用户

This is going to sound very weird but kindly bear with me. I have built a symfony2 application which runs pretty well on the web.

Some users in the field are having so much trouble accessing the application on their phones in the field because we all know how heavy symfony is. The situation is so bad i'm forced to heavily scale down their access to just a four page access with just three php files, 1 for authentication, one for data entry and one for viewing their entries, all these without using symfony2 but plain php.

Now to my question, how do i check password against database password/salt?

I'm using FOSUserBundle for security

图片转代码服务由CSDN问答提供 功能建议

这听起来很奇怪,但请耐心等待。 我已经构建了一个symfony2应用程序,它在Web上运行得很好。

该领域的一些用户在现场手机上访问应用程序时遇到了很多麻烦,因为我们都知道symfony有多重。 情况非常糟糕,我被迫大规模缩减他们只有三个php文件的访问权限,一个用于身份验证,一个用于数据输入,一个用于查看他们的条目,所有这些都不使用symfony2但是纯PHP 。

现在我的问题是,如何根据数据库密码/盐检查密码?

我正在使用FOSUserBundle进行安全性

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • douwei7501 2014-08-16 00:48
    已采纳

    Are you sure you're using FOSUserBundle for security? I think you'll find you're using the core SecurityBundle for that. The way the user's password is stored will depend on how you have configured the security system.

    The MessageDigestPasswordEncoder is what is used to encode the passwords. From looking at that code you can replicated it as needed. The gist of it is merge the password and salt ($password.'{'.$salt.'}') and then run it through PHP's hash function hash($this->algorithm, $salted, true) for however many iterations are needed.

    Although, not specifically related to the question you asked, I'm a little confused as to what you mean by having to scale back the PHP for mobile users? Server page generation will take just as long for mobile as desktop users so why are you reimplementing outside of the symfony framework?

    评论
    解决 无用
    打赏 举报
查看更多回答(1条)

相关推荐 更多相似问题