Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Improved Bcrypt password encoder #6023

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 6 commits into from
Closed

Improved Bcrypt password encoder #6023

wants to merge 6 commits into from

Conversation

TerjeBr
Copy link

@TerjeBr TerjeBr commented Nov 15, 2012

This is my improvement to the BCryptPasswordEncoder that first Elnur wrote a pull request for.
Fix for issue: #5932

@TerjeBr TerjeBr mentioned this pull request Nov 15, 2012
Closed
@TerjeBr
Copy link
Author

TerjeBr commented Nov 15, 2012

Yes, I know. It is a comment in there that it is still on the TODO list to use SecureRandom.

But I want to know, exactly how am I violating the coding style?

@jalliot
Copy link
Contributor

jalliot commented Nov 19, 2012

Note that it would be nice if you also support PHP 5.5 native function password_hash if available (see https://gist.github.com/3707231). You should probably enforce PASSWORD_BCRYPT instead of PASSWORD_DEFAULT to be sure that you use bcrypt though (it might change in later versions of PHP).

stof
stof reviewed Nov 19, 2012
View reviewed changes
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
* A secure random generator
* @var SecureRandomInterface
*/
private $secure_random;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be a camelCased name

@TerjeBr
Copy link
Author

TerjeBr commented Nov 19, 2012

@stof are we going to use this pull request?
I thought it was the one that @elnur made that was going to be used. Elnurs pull request

@stof
Copy link
Member

stof commented Nov 19, 2012

hmm, this PR is indeed not build on top of @elnur's PR but on top of an outdated version of @elnur's PR

@elnur
Copy link
Contributor

elnur commented Nov 19, 2012

Let's not spread the effort. I'm taking your suggestions to my PR into account when I think they are reasonable, and working on it when I have time. If you won't agree with my PR when it's gone final and merged, you can open another PR with fixes.

@TerjeBr
Copy link
Author

TerjeBr commented Nov 19, 2012

Well, it was the most up to date version of @elnur's PR at the time when I wrote it.

@TerjeBr
Copy link
Author

TerjeBr commented Nov 19, 2012

@elnur I opened a new PR on the main symfony/symfony branch by a mistake. It was because it somehow was impossible to make the pull request aginst the elnur/symfony branch. So yes, everyone but @elnur should ignore this pull request.

@TerjeBr TerjeBr closed this Nov 20, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@TerjeBr @jalliot @stof @elnur