Feature #5846

Implement Account Factory

Added by Robert Lemke almost 10 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Should have
Assignee:
Category:
Security
Start date:
2010-03-10
Due date:
% Done:

100%

Estimated time:
1.00 h
PHP Version:
Has patch:
Complexity:

Description

Currently the typical code for creating a password-based account looks like this:

        $roles = array(
            $this->objectFactory->create('F3\FLOW3\Security\ACL\Role', 'Participant'),
        );

        $salt = substr(md5(uniqid(rand(), TRUE)), 0, rand(6, 10));

        $account = $this->objectFactory->create('F3\Party\Domain\Model\Account');
        $account->setAccountIdentifier($accountIdentifier);
        $account->setCredentialsSource(md5(md5($password) . $salt) . ',' . $salt);
        $account->setAuthenticationProviderName('DefaultProvider');
        $account->setRoles($roles);

        $newPerson->addAccount($account);
        $this->personRepository->add($newPerson);

It is not very intuitive and probably error prone for newbies having to write that much code
in order to create an account. Another problem is that we rely on a third developer's ability
to create a secure salt.

We therefore should provide some kind of account factory which allows for easy creation of
typical accounts:

   $newAccount = $accountFactory->createAccountWithPassword('identifier', 'password', array('role1', 'role2'));

This would also be a good opportunity to move the Account model to the FLOW3 Security sub package because
it belongs more to security than to Party. The setParty() and getParty() methods should refer to a PartyInterface
rather than a specific implementation

Associated revisions

Revision 00343be8 (diff)
Added by Robert Lemke over 9 years ago

[+FEATURE] FLOW3 (Security): The new AccountFactory now allows for convenient creation of a new account with username and password. Resolves #5846
[+BUGFIX] FLOW3 (Property): Fixed the failing tests of the Property Mapper. Also replaced a few occurrences of $objectManager->get() by $objectManager->create()

History

#1 Updated by Robert Lemke almost 10 years ago

  • Target version set to 1.0 alpha 8

#2 Updated by Andreas Förthner over 9 years ago

  • Target version deleted (1.0 alpha 8)

Postponed...

#3 Updated by Robert Lemke over 9 years ago

  • Status changed from New to Accepted
  • Assignee changed from Andreas Förthner to Robert Lemke
  • Target version set to 1.0 alpha 8
  • Start date changed from 2009-12-28 to 2010-03-10
  • Estimated time set to 1.00 h

#4 Updated by Robert Lemke over 9 years ago

  • Status changed from Accepted to Resolved
  • % Done changed from 0 to 100

Applied in changeset r3926.

Also available in: Atom PDF