#User Password History Management
This Bundle allows to manage user password history. It has been developped and tested to work with the famous FOSUserBundle Bundle.
What this bundle does :
- Store the User's password whenever this password is changed in the table password_history.
- Redirect the User to the route fos_user_change_password eveytime the User's password is older than 30 days.
- Optionaly, provide a constraints that forbids the User to set a password if this password has already been used.
- Add the bundle to you composer.json file :
composer require 'acseo/change-password-bundle:dev-master'
- Enable the Bundle
// app/AppKernel.php
class AppKernel extends Kernel
{
public function registerBundles()
{
$bundles = array(
//...
new ACSEO\ChangePasswordBundle\ACSEOChangePasswordBundle(),
//...- Map your User Class The bundle use an Entity, PasswordHistory, which store previous hashed passwords used by an user. In order to be generic, this entity has a ManyToOne relation with a User entity. This user Entity must extends the FOS\UserBundle\Model\User abstract class.
Edit your config file :
# app/config/config.yml
doctrine:
orm:
resolve_target_entities:
"FOS\UserBundle\Model\User": "YourBundle\Entity\YourUser"
- Update your database to create the new password_history table
$ app/console doctrine:schema:update --dump-sql
$ app/console doctrine:schema:update --force
From now Password History is set up. The table password_history will store the changed user password whenever this password is changed
- Enable Password history constraint
# src/YourBundle/Resources/config/validation.yml
YourBundle\Entity\YourUser:
properties:
# ...
plainPassword:
- ACSEO\ChangePasswordBundle\Validator\Constraints\NotInPreviousPasswords: ~
And that's it !
Feel free to comment or improve this bundle by creating issues or submitting pull requests