2017 © Pedro Peláez
 

symfony-bundle change-password-bundle

Bundle used to manage User password history and user change password policy

image

acseo/change-password-bundle

Bundle used to manage User password history and user change password policy

  • Thursday, March 24, 2016
  • by npotier
  • Repository
  • 3 Watchers
  • 2 Stars
  • 208 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 2 Forks
  • 0 Open issues
  • 1 Versions
  • 0 % Grown

The README.md

User Password History Management

Purpose

This Bundle allows to manage user password history. It has been developped and tested to work with the famous FOSUserBundle Bundle., (*1)

What this bundle does : - Store the User's password whenever this password is changed in the table password_history. - Redirect the User to the route fos_user_change_password eveytime the User's password is older than 30 days. - Optionaly, provide a constraints that forbids the User to set a password if this password has already been used., (*2)

Installation

1) Add the bundle to you composer.json file :, (*3)

composer require 'acseo/change-password-bundle:dev-master'

2) Enable the Bundle, (*4)

// app/AppKernel.php
class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
        //...
        new ACSEO\ChangePasswordBundle\ACSEOChangePasswordBundle(),
        //...

3) Map your User Class The bundle use an Entity, PasswordHistory, which store previous hashed passwords used by an user. In order to be generic, this entity has a ManyToOne relation with a User entity. This user Entity must extends the FOS\UserBundle\Model\User abstract class., (*5)

Edit your config file :, (*6)

# app/config/config.yml
doctrine:
    orm:
        resolve_target_entities:
            "FOS\UserBundle\Model\User": "YourBundle\Entity\YourUser"

4) Update your database to create the new password_history table, (*7)

$ app/console doctrine:schema:update --dump-sql
$ app/console doctrine:schema:update --force

From now Password History is set up. The table password_history will store the changed user password whenever this password is changed, (*8)

5) Enable Password history constraint, (*9)

# src/YourBundle/Resources/config/validation.yml
YourBundle\Entity\YourUser:
    properties:
        # ...
        plainPassword:
            - ACSEO\ChangePasswordBundle\Validator\Constraints\NotInPreviousPasswords: ~

And that's it !, (*10)

About

Feel free to comment or improve this bundle by creating issues or submitting pull requests, (*11)

The Versions

24/03 2016

dev-master

9999999-dev https://github.com/acseo/ACSEOChangePasswordBundle

Bundle used to manage User password history and user change password policy

  Sources   Download

The Requires

 

by Nicolas Potier

user symfony password owasp