Skip to content

Commit 3a1c28a

Browse files
wouterjwouterj
committed
feature #39802 [Security] Extract password hashing from security-core - with proper wording (chalasr)
This PR was merged into the 5.3-dev branch. Discussion ---------- [Security] Extract password hashing from security-core - with proper wording | Q | A | ------------- | --- | Branch? | 5.x | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | Fixes #39698 | License | MIT | Doc PR | todo This PR renames password "encoders" to password _hashers_ (naming widely used, see e.g. django or laravel). This also takes the opportunity to extract the logic related to password hashing from security-core, moving it to a new password-hasher component. Nowadays, many modern web apps and APIs don't deal with passwords at all, that's why splitting makes sense as a step towards making security-core not tied to the password concept. For upgrading, applications will have to use `passwords_hashers` instead of `encoders` in their security configuration, and type-hint against `PasswordHasherInterface` (and related) instead of `PasswordEncoderInterface`. The proposed API is not much different from the encoder one regarding behavior and signatures, and it is slightly more close to the PHP built-in password hashing API: ```php namespace Symfony\Component\PasswordHasher; interface PasswordHasherInterface { public function hash(string $plainPassword): string; public function verify(string $hashedPassword, string $plainPassword): bool; public function needsRehash(string $hashedPassword): bool; } ``` Commits ------- c5c981c559 [Security] Extract password hashing from security-core - using the right naming
2 parents 463ed23 + 3d38000 commit 3a1c28a

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@
5151
"symfony/messenger": "^5.2",
5252
"symfony/mime": "^4.4|^5.0",
5353
"symfony/process": "^4.4|^5.0",
54-
"symfony/security-bundle": "^5.2",
54+
"symfony/security-bundle": "^5.3",
5555
"symfony/serializer": "^5.2",
5656
"symfony/stopwatch": "^4.4|^5.0",
5757
"symfony/string": "^5.0",

0 commit comments

Comments
 (0)