Skip to content

tweaking the password upgrading functionality #12960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 21, 2020
Merged

tweaking the password upgrading functionality #12960

merged 1 commit into from
Jan 21, 2020

Conversation

weaverryan
Copy link
Member

Hi!

Minor tweaks to the password upgrading section as I read through it - it was already quite good.

94noni
94noni reviewed Jan 19, 2020
View reviewed changes
wouterj
wouterj approved these changes Jan 19, 2020
View reviewed changes
Copy link
Member

@wouterj wouterj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, I agree with the improvements!

security/password_migration.rst

* New users will be encoded with the new algorithm;
* Whenever a user logs in whose password is still stored using the old algorithm,
Symfony will verify the password with the old algorithm and then re-encode
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Symfony will verify the password with the old algorithm and then re-encode
Symfony will verify the password with the old algorithm and then rehash

Confusing Symfony terminology, but the password encoders are doing hashing. This is also consistent with earlier uses of "rehash(ing)" in the beginning of this chapter.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made this change while merging.

@javiereguiluz javiereguiluz added this to the 4.4 milestone Jan 21, 2020
@javiereguiluz javiereguiluz changed the base branch from master to 4.4 January 21, 2020 19:51
@javiereguiluz
Copy link
Member

Thanks Ryan.

javiereguiluz added a commit that referenced this pull request Jan 21, 2020
@javiereguiluz
minor #12960 tweaking the password upgrading functionality (weaverryan)
597d701 
This PR was submitted for the master branch but it was merged into the 4.4 branch instead (closes #12960).

Discussion
----------

tweaking the password upgrading functionality

Hi!

Minor tweaks to the password upgrading section as I read through it - it was already quite good.

Commits
-------

94fc0b4 tweaking the password upgrading functionality
@javiereguiluz javiereguiluz merged commit 94fc0b4 into symfony:4.4 Jan 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javiereguiluz javiereguiluz javiereguiluz approved these changes

@94noni 94noni 94noni left review comments

@wouterj wouterj wouterj approved these changes

@OskarStark OskarStark OskarStark approved these changes

Assignees
No one assigned
Labels
Security Status: Reviewed
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
6 participants
@weaverryan @javiereguiluz @wouterj @OskarStark @94noni @carsonbot