[symfony-users] Re: Dumping and loading passwords (re-hashing)

[Tom Ptacnik]

I can't check in the changes means, that you can't update the plugin
via svn?

I fso, than you can do your changes in the model/doctrine/
sfDoctrineGuardPlugin sfGuardUser.class.php don't you? .. then this
problem will be solved.


On 21 kvě, 18:12, ashton ahonn...@gmail.com wrote:
 I have a question regarding dumping and loading passwords.  In 1.4.5 I
 am experiencing passwords hashes being re-hashed after a dump/load.
 This is because when the data is loaded the set method is expecting
 plaintext and hashes the hash that was passed in. (describes 
 issuehttp://forum.symfony-project.org/index.php/m/76257/)

 Apparently there are two methods for fixing this:
 1) alter setPassword to behave differently (don't hash if it looks
 like a hash OR don't hash if the object is new and salt exists)
 2) alter the yaml file so that password_hash is set, not password.
 (sed -i s/password:/password_hash:/g data/fixtures/data.yml)

 These both work for me but I'm having issues with them both.  If I use
 method one, then I can't check in the changes since they are inside
 the plugin (I put them in PluginsfGuardUser because I couldn't get
 them to work in myUser).  If I use method two then that means running
 a sed script on the yaml after I dump it and hoping that I don't
 forget and blow everything away.

 I would think that there is a solution that 'just works', I'd like to
 hear what everyone else does.  Bundle the sed command into a new cli
 action?  Alter a different file for the user?

 Thanks!
 ashton

 --
 If you want to report a vulnerability issue on symfony, please send it to 
 security at symfony-project.com

 You received this message because you are subscribed to the Google
 Groups symfony users group.
 To post to this group, send email to symfony-users@googlegroups.com
 To unsubscribe from this group, send email to
 symfony-users+unsubscr...@googlegroups.com
 For more options, visit this group 
 athttp://groups.google.com/group/symfony-users?hl=en

-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en

Re: [symfony-users] Re: Dumping and loading passwords (re-hashing)

[ashton honnecke]

Beautiful!  Thank you!

On Mon, May 24, 2010 at 1:25 AM, Tom Ptacnik to...@tomor.cz wrote:
 I can't check in the changes means, that you can't update the plugin
 via svn?

 I fso, than you can do your changes in the model/doctrine/
 sfDoctrineGuardPlugin sfGuardUser.class.php don't you? .. then this
 problem will be solved.


 On 21 kvě, 18:12, ashton ahonn...@gmail.com wrote:
 I have a question regarding dumping and loading passwords.  In 1.4.5 I
 am experiencing passwords hashes being re-hashed after a dump/load.
 This is because when the data is loaded the set method is expecting
 plaintext and hashes the hash that was passed in. (describes 
 issuehttp://forum.symfony-project.org/index.php/m/76257/)

 Apparently there are two methods for fixing this:
 1) alter setPassword to behave differently (don't hash if it looks
 like a hash OR don't hash if the object is new and salt exists)
 2) alter the yaml file so that password_hash is set, not password.
 (sed -i s/password:/password_hash:/g data/fixtures/data.yml)

 These both work for me but I'm having issues with them both.  If I use
 method one, then I can't check in the changes since they are inside
 the plugin (I put them in PluginsfGuardUser because I couldn't get
 them to work in myUser).  If I use method two then that means running
 a sed script on the yaml after I dump it and hoping that I don't
 forget and blow everything away.

 I would think that there is a solution that 'just works', I'd like to
 hear what everyone else does.  Bundle the sed command into a new cli
 action?  Alter a different file for the user?

 Thanks!
 ashton

 --
 If you want to report a vulnerability issue on symfony, please send it to 
 security at symfony-project.com

 You received this message because you are subscribed to the Google
 Groups symfony users group.
 To post to this group, send email to symfony-users@googlegroups.com
 To unsubscribe from this group, send email to
 symfony-users+unsubscr...@googlegroups.com
 For more options, visit this group 
 athttp://groups.google.com/group/symfony-users?hl=en

 --
 If you want to report a vulnerability issue on symfony, please send it to 
 security at symfony-project.com

 You received this message because you are subscribed to the Google
 Groups symfony users group.
 To post to this group, send email to symfony-users@googlegroups.com
 To unsubscribe from this group, send email to
 symfony-users+unsubscr...@googlegroups.com
 For more options, visit this group at
 http://groups.google.com/group/symfony-users?hl=en


-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en