hec-franco/password-policy-bundle

Password policy enforcement for Symfony 6|7

v1.0.6 2024-02-06 13:07 UTC

This package is auto-updated.

Last update: 2024-09-06 14:16:01 UTC


README

Installation

composer require hec-franco/password-policy-bundle

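Configuration

  1. Implement HecFranco\PasswordPolicyBundle\Model\HasPasswordPolicyInterface in the entities that should support password policies.

  2. Implement HecFranco\PasswordPolicyBundle\Model\PasswordHistoryInterface in a new entity that will store the password history.

  3. Configure how the password policy behaves on each entity. See the configuration example below.

  4. Add the @PasswordPolicy() validation rule to the $plainPassword field.

Configuration example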
hec_franco_password_policy:
    entities:
        # the entity class implementing HasPasswordPolicyInterface
        App\Entity\Participant:
            # The route where the user will be notified when password is expired
            notified_routes: 
                - participant_profile
            # These routes will be excluded from the expiry check
            excluded_notified_routes: ~
            # Which is the password property in the entity (defaults to 'password')
            password_field: ~

            # Password history property in the entity (default to 'passwordHistory')
            password_history_field: ~

            # How many password changes to track (defaults to 3)
            passwords_to_remember: ~

            # Force expiry of the password in that many days
            expiry_days: ~
        App\Entity\User:
            notified_routes: 
                - admin_app_user_edit
    expiry_listener:
            # You can change the expiry listener priority
            priority: 0
            error_msg:
                text:
                    title: 'Your password expired.'
                    message: 'You need to change it'
                type: 'error'

        listener_priority: 0
        # The route that needs to be shown to the user when password is expired
        lock_route: participant_settings

Expiry

Expiry works by checking the last password change on every request made to the app, excluding those configured in the application.
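
The two checks that the `passwords_to_remember` and `expiry_days` settings describe, as a standalone PHP example added here. It is not the bundle's own code: `isReused()`, `isExpired()`, `remember()` and the sample passwords are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Illustration only: isReused(), isExpired() and remember() are hypothetical
// helpers, not part of hec-franco/password-policy-bundle.

/** True if $plain matches any of the $remember most recent stored hashes. */
function isReused(string $plain, array $history, int $remember = 3): bool
{
    // Salted hashes differ on every call, so the candidate has to be verified
    // against each stored hash; comparing hash strings would never match.
    foreach (array_slice($history, 0, $remember) as $entry) {
        if (password_verify($plain, $entry['hash'])) {
            return true;
        }
    }
    return false;
}

/** True if the last change is at least $expiryDays days before $now. */
function isExpired(?DateTimeImmutable $changedAt, int $expiryDays, DateTimeImmutable $now): bool
{
    if ($changedAt === null) {
        return true; // no recorded change: fail closed (assumption of this example)
    }
    return $changedAt->modify("+{$expiryDays} days") <= $now;
}

/** Prepends the new hash and trims the history to $remember entries. */
function remember(array $history, string $plain, DateTimeImmutable $now, int $remember = 3): array
{
    array_unshift($history, ['hash' => password_hash($plain, PASSWORD_DEFAULT), 'at' => $now]);
    return array_slice($history, 0, $remember);
}

// Constructed sample data: four password changes, 400 to 100 days before $now.
$now = new DateTimeImmutable('2024-09-06');
$history = [];
foreach (['Spring#2023', 'Summer#2023', 'Autumn#2023', 'Winter#2024'] as $i => $pw) {
    $history = remember($history, $pw, $now->modify('-' . (400 - 100 * $i) . ' days'));
}

var_dump(isReused('Winter#2024', $history));      // most recent password, inside the window
var_dump(isReused('Spring#2023', $history));      // oldest password, outside the 3-entry window
var_dump(isExpired($history[0]['at'], 90, $now)); // last change 100 days ago, 90-day limit
```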

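Things to know

The library uses Doctrine lifecycle events to create the password history and to set the last password change on the target entities. To do this, it uses the onFlush event and recomputes the history change set inside it. Be aware that any entity changes made after the recomputation will not be persisted to the database.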