symfony · Seb33300 · Sep 7, 2021 · yceruto · Sep 4, 2021 · yceruto
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/form.php b/src/Symfony/Bundle/FrameworkBundle/Resources/config/form.php
@@ -18,6 +18,7 @@
 use Symfony\Component\Form\Extension\Core\Type\ColorType;
 use Symfony\Component\Form\Extension\Core\Type\FileType;
 use Symfony\Component\Form\Extension\Core\Type\FormType;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\Extension\Core\Type\TransformationFailureExtension;
 use Symfony\Component\Form\Extension\DependencyInjection\DependencyInjectionExtension;
@@ -113,6 +114,13 @@
             ->args([service('translator')->ignoreOnInvalid()])
             ->tag('form.type')
 
+        ->set('form.type.password', PasswordType::class)
+            ->args([
+                service('security.password_hasher')->ignoreOnInvalid(),
+                service('form.property_accessor'),
+            ])
+            ->tag('form.type')
+
         ->set('form.type_extension.form.transformation_failure_handling', TransformationFailureExtension::class)
             ->args([service('translator')->ignoreOnInvalid()])
             ->tag('form.type_extension', ['extended-type' => FormType::class])

@@ -6,6 +6,7 @@ CHANGELOG
 
  * Deprecate calling `FormErrorIterator::children()` if the current element is not iterable.
  * Allow to pass `TranslatableMessage` objects to the `help` option
+ * Add `hash_mapping` option to `PasswordType`
 
 5.3
 ---

@@ -17,6 +17,7 @@
 use Symfony\Component\Form\ChoiceList\Factory\DefaultChoiceListFactory;
 use Symfony\Component\Form\ChoiceList\Factory\PropertyAccessDecorator;
 use Symfony\Component\Form\Extension\Core\Type\TransformationFailureExtension;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\PropertyAccess\PropertyAccess;
 use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
 use Symfony\Contracts\Translation\TranslatorInterface;
@@ -31,12 +32,14 @@ class CoreExtension extends AbstractExtension
     private $propertyAccessor;
     private $choiceListFactory;
     private $translator;
+    private $passwordHasher;
 
-    public function __construct(PropertyAccessorInterface $propertyAccessor = null, ChoiceListFactoryInterface $choiceListFactory = null, TranslatorInterface $translator = null)
+    public function __construct(PropertyAccessorInterface $propertyAccessor = null, ChoiceListFactoryInterface $choiceListFactory = null, TranslatorInterface $translator = null, UserPasswordHasherInterface $passwordHasher = null)
     {
         $this->propertyAccessor = $propertyAccessor ?: PropertyAccess::createPropertyAccessor();
         $this->choiceListFactory = $choiceListFactory ?? new CachingFactoryDecorator(new PropertyAccessDecorator(new DefaultChoiceListFactory(), $this->propertyAccessor));
         $this->translator = $translator;
+        $this->passwordHasher = $passwordHasher;
     }
 
     protected function loadTypes()
@@ -58,7 +61,7 @@ protected function loadTypes()
             new Type\LocaleType(),
             new Type\MoneyType(),
             new Type\NumberType(),
-            new Type\PasswordType(),
+            new Type\PasswordType($this->passwordHasher, $this->propertyAccessor),
             new Type\PercentType(),
             new Type\RadioType(),
             new Type\RangeType(),

@@ -0,0 +1,61 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\Core\EventListener;
+
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Form\FormEvent;
+use Symfony\Component\Form\FormEvents;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordHasherListener implements EventSubscriberInterface
+{
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher = null, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    public static function getSubscribedEvents()
+    {
+        return [
+            FormEvents::SUBMIT => ['hashPassword', -256],
+        ];
+    }
+
+    public function hashPassword(FormEvent $event)
+    {
+        $form = $event->getForm();
+        $parentForm = $form->getParent();
+
+        if ($parentForm && $parentForm->getConfig()->getType()->getInnerType() instanceof RepeatedType) {
+            $parentForm = $parentForm->getParent();
+        }
+
+        if ($parentForm && ($user = $parentForm->getData()) && ($user instanceof PasswordAuthenticatedUserInterface)) {
+            $this->propertyAccessor->setValue(
+                $user,
+                $form->getConfig()->getOption('hash_mapping'),
+                $this->passwordHasher->hashPassword($user, $event->getData())
+            );
+        }
+    }
+}
@@ -12,13 +12,41 @@
 namespace Symfony\Component\Form\Extension\Core\Type;
 
 use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Exception\InvalidConfigurationException;
+use Symfony\Component\Form\Extension\Core\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\Form\FormInterface;
 use Symfony\Component\Form\FormView;
 use Symfony\Component\OptionsResolver\Options;
 use Symfony\Component\OptionsResolver\OptionsResolver;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
 
 class PasswordType extends AbstractType
 {
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher = null, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        if ($options['hash_mapping']) {
+            if ($options['hash_mapping'] == $builder->getName()) {
+                throw new InvalidConfigurationException('The hash_mapping property must be a different.');
+            }
+            $builder->addEventSubscriber(new PasswordHasherListener($this->passwordHasher, $this->propertyAccessor));
+        }
+    }
+
     /**
      * {@inheritdoc}
      */
@@ -36,6 +64,7 @@ public function configureOptions(OptionsResolver $resolver)
     {
         $resolver->setDefaults([
             'always_empty' => true,
+            'hash_mapping' => null,
             'trim' => false,
             'invalid_message' => function (Options $options, $previousValue) {
                 return ($options['legacy_error_messages'] ?? true)
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,6 +6,7 @@ CHANGELOG @@
      * Deprecate calling `FormErrorIterator::children()` if the current element is not iterable.
      * Allow to pass `TranslatableMessage` objects to the `help` option
+     * Add `hash_mapping` option to `PasswordType`
 .3
     ---
@@ Expand Down @@