despark / password-policy-bundle
Password policy enforcement
v0.1.10
2020-01-06 08:52 UTC
Requires
- php: ^7.1|^7.2
- doctrine/collections: ^1.5
- doctrine/orm: ^2.6
- nesbot/carbon: ~1.18
- symfony/framework-bundle: ^4.1
- symfony/validator: ^4.1
Requires (Dev)
- mockery/mockery: ^1.1
- phpunit/phpunit: ^7.2
README
Installation
composer require despark/password-policy-bundle
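Configuration
- Implement Despark\PasswordPolicyBundle\Model\HasPasswordPolicyInterface in the entities that should support password policies.
- Implement Despark\PasswordPolicyBundle\Model\PasswordHistoryInterface in a new entity that will store the password history.
- Configure how the password policy behaves on each entity. A configuration example is given here.
- You need to add the @PasswordPolicy() validation rule to the $plainPassword field.
Configuration example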
password_policy:
    entities:
        # the entity class implementing HasPasswordPolicyInterface
        App\Entity\Participant:
            # The route where the user will be locked when password is expired
            lock_route: participant_profile
            # Params to pass to the locked route when it is built.
            lock_route_params:
                locked: '1'
            # Which is the password property in the entity (defaults to 'password')
            password_field: ~
            # Password history property in the entity (defaults to 'passwordHistory')
            password_history_field: ~
            # How many password changes to track (defaults to 3)
            passwords_to_remember: ~
            # Force expiry of the password in that many days
            expiry_days: ~
        App\Entity\User:
            lock_route: admin_app_user_edit
            lock_route_params:
                # {id} will be parsed as the current user id when possible
                id: '{id}'
    expiry_listener:
        # You can change the expiry listener priority
        priority: 0
        error_msg:
            text: 'Your password expired. You need to change it'
            type: 'error'
    listener_priority: 0
    # The route that needs to be shown to the user when password is expired
    lock_route: participant_settings
    # These routes will be excluded from the expiry check
    excluded_routes: ~
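Expiry
Expiry works by checking the last password change on every request made to the application, excluding the requests that are configured in the application.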
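The history and expiry checks described above, as an added example that is not the bundle's own code. The function names are hypothetical, PHP's password_hash()/password_verify() stand in for the application's password encoder, the history is assumed to be ordered newest first, and a password is assumed to expire once it is at least expiry_days old.

```php
<?php
declare(strict_types=1);

// Added illustration, not the bundle's code. Function names are hypothetical;
// the parameters mirror the passwords_to_remember, expiry_days, lock_route
// and excluded_routes settings from the configuration example.

/** True when $plain matches one of the $remember most recent stored hashes. */
function isReused(string $plain, array $historyNewestFirst, int $remember = 3): bool
{
    foreach (array_slice($historyNewestFirst, 0, $remember) as $hash) {
        if (password_verify($plain, $hash)) {
            return true;
        }
    }
    return false;
}

/** True when the last password change is at least $expiryDays old (assumed rule). */
function isExpired(DateTimeImmutable $changedAt, int $expiryDays, DateTimeImmutable $now): bool
{
    return $changedAt->modify("+{$expiryDays} days") <= $now;
}

/** Route to redirect to, or null when the request may proceed. */
function lockTarget(string $route, bool $expired, string $lockRoute, array $excluded): ?string
{
    // The lock route itself must pass, otherwise the redirect loops forever.
    if (!$expired || $route === $lockRoute || in_array($route, $excluded, true)) {
        return null;
    }
    return $lockRoute;
}

// Constructed sample data: four stored hashes, newest first.
$history = [
    password_hash('Winter-2020!', PASSWORD_DEFAULT),
    password_hash('Autumn-2019!', PASSWORD_DEFAULT),
    password_hash('Summer-2019!', PASSWORD_DEFAULT),
    password_hash('Spring-2019!', PASSWORD_DEFAULT), // outside the last 3
];
$expired = isExpired(new DateTimeImmutable('2020-01-06'), 90, new DateTimeImmutable('2020-06-01'));

var_dump(isReused('Autumn-2019!', $history)); // within the remembered window
var_dump(isReused('Spring-2019!', $history)); // older than the window
var_dump($expired);
var_dump(lockTarget('dashboard', $expired, 'participant_profile', ['logout']));
var_dump(lockTarget('logout', $expired, 'participant_profile', ['logout']));
```

The fourth hash shows the limit of passwords_to_remember: a password older than the tracked window is accepted again, so the window size determines how quickly a user can cycle back to an old password.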
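Caveats
The library uses Doctrine lifecycle events to create the password history and to set the last password change on the target entities. To do this, we use the onFlush event and recompute the history change set inside it. You must be aware of this, because any entity that is changed after the recomputation will not be persisted to the database.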