Feature #5846
Implement Account Factory
Status: | Resolved | Start date: | 2010-03-10 | |
---|---|---|---|---|
Priority: | Should have | Due date: | ||
Assigned To: | Robert Lemke | % Done: | 100% |
|
Category: | Security | |||
Target version: | TYPO3 Flow Base Distribution - 1.0 alpha 8 | Estimated time: | 1.00 hour | |
PHP Version: | Complexity: | |||
Has patch: |
Description
Currently the typical code for creating a password-based account looks like this:
$roles = array( $this->objectFactory->create('F3\FLOW3\Security\ACL\Role', 'Participant'), ); $salt = substr(md5(uniqid(rand(), TRUE)), 0, rand(6, 10)); $account = $this->objectFactory->create('F3\Party\Domain\Model\Account'); $account->setAccountIdentifier($accountIdentifier); $account->setCredentialsSource(md5(md5($password) . $salt) . ',' . $salt); $account->setAuthenticationProviderName('DefaultProvider'); $account->setRoles($roles); $newPerson->addAccount($account); $this->personRepository->add($newPerson);
It is not very intuitive and probably error prone for newbies having to write that much code
in order to create an account. Another problem is that we rely on a third developer's ability
to create a secure salt.
We therefore should provide some kind of account factory which allows for easy creation of
typical accounts:
$newAccount = $accountFactory->createAccountWithPassword('identifier', 'password', array('role1', 'role2'));
This would also be a good opportunity to move the Account model to the FLOW3 Security sub package because
it belongs more to security than to Party. The setParty() and getParty() methods should refer to a PartyInterface
rather than a specific implementation
Associated revisions
[+FEATURE] FLOW3 (Security): The new AccountFactory now allows for convenient creation of a new account with username and password. Resolves #5846
[+BUGFIX] FLOW3 (Property): Fixed the failing tests of the Property Mapper. Also replaced a few occurrences of $objectManager->get() by $objectManager->create()
History
#1 Updated by Robert Lemke over 5 years ago
- Target version set to 1.0 alpha 8
#3 Updated by Robert Lemke over 5 years ago
- Status changed from New to Accepted
- Assigned To changed from Andreas Förthner to Robert Lemke
- Target version set to 1.0 alpha 8
- Start date changed from 2009-12-28 to 2010-03-10
- Estimated time set to 1.00
#4 Updated by Robert Lemke over 5 years ago
- Status changed from Accepted to Resolved
- % Done changed from 0 to 100
Applied in changeset r3926.