Home/ Questions/Q 8619497
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T06:21:16+00:00

I tried with @Assert\MinLength but it seems to check after encoding the password when

  • 0

I tried with @Assert\MinLength but it seems to check after encoding the password when it’s long enought in everycase. How to put the constraint before encoding?

I can’t think of anything better that to count the number of symbols with strlen after binding the registration form, but I don’t think this will be a good way. And also I’m not sure that even this will work, I’m not sure when exactly the encoding is done.

Any suggestions will be appreciated! Thank you in advance!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The problem is that you’re using one field for two purposes: storing a password in plain text and encoded form. What you need is a field for each purpose:

    use Symfony\Component\Validator\Constraints\NotBlank;
use Symfony\Component\Validator\Constraints\MinLength;
use Doctrine\ORM\Mapping\Column;

class User 
{
    /**
     * @NotBlank
     * @MinLength(6)
     *
     * @var string
     */
    private $plainPassword;

    /**
     * @Column
     *
     * @var string
     */
    private $password;
}

    Only the $password field is persisted to the database and it’s not shown in forms so that users can’t edit it.

    Also you need a Doctrine event listener — or some other code — that checks if $plainPassword is not empty, and if it’s not, encode its value and put it into $password.

    Use the security.encoder_factory service to get the encoder you’ve setup in your security configuration and use it to encode passwords. Also, check my ElnurBlowfishPasswordEncoderBundle.

    • 0