-
-
Notifications
You must be signed in to change notification settings - Fork 9.6k
Description
Symfony version(s) affected: 5.3.x
Description
We have a custom password encoder factory that decorates the Symfony encoder factory and allows to delegate building the encoder to a type specific factory which then is able to create a dedicated encoder for a user object.
Until 5.2.x it worked as expected, but on ver. 5.3.x it started throwing exception "No password hasher has been configured for account...". After digging the issue, we found out, with #39802 password encoder has been deprecated and new password hasher factory has been introduced to replace it. This new factory is being used everywhere e.g.
service('security.password_hasher_factory'), |
So this old encoder factory is deprecated and not used anywhere anymore except in security.command.user_password_encoder
. how does this follow backward compatibility?
The problem is, we would like to support Symfony ver. 5.2 or higher, so if we switch to new password hasher factory then it will not be backward compatible and overriding the Symfony services to use old password encoder factory is not forward compatible.
Any help would be greatly appreciated. thanks!
Additional context
Issue described here: pimcore/pimcore#9489