Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encrypting username breaks user login authentication #27

Open
krisd opened this issue Jun 26, 2014 · 2 comments
Open

Encrypting username breaks user login authentication #27

krisd opened this issue Jun 26, 2014 · 2 comments

Comments

@krisd
Copy link

krisd commented Jun 26, 2014

When encrypting the username field of a User entity implementing the UserInterface, login authentication seems to be broken.
@Chunliang
Copy link

same problem!

@wodka
Copy link

wodka commented Oct 22, 2014

makes sense -> I would be surprised if you could search for encrypted properties.

login usually works like this:

  1. identifier / pass from user
  2. search database with identifier
    -> cannot find the identifier because: identifier != encrypted(identifier)

meaning in addition to have the username encrypted you would have to implement a custom User Manager (https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/doc/user_manager.md)

-> in there you could encrypt the given username even before you search the storage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wodka @Chunliang @krisd