Symfony 4.4 News
Rehashed Password
Symfony 4.3 added a new feature (native password Encoder). Because of the fast-paced nature of hashing algorithm, it becomes less and less recommended to select a default hashing algorithm. Even the PHP function:
password_hash
use a default robust hashing algorithm to encrypt password more efficiently even if it also offer the possibility to use the crypt algorithm for the hashing see documentation here
That's why Symfony 4.3 added a feature that allow to select auto hashing encoder in security configuration. That way, Symfony will choose the more efficient algorithm during the encoding of the user password.
see the default Encoding implementation example below:
# config/packages/security.yaml
security:
# ...
encoders:
App\Entity\User:
algorithm: 'auto'
cost: 12
See the native Password Encoder documentation here
Now, Symfony 4.4 also bring the possibility to rehashed the password with a best existing hashing algorithm. In practice the entity user provider will only need to implement PasswordUpgraderInterface.
providers:
users:
entity:
class: 'App\Entity\User'
property: 'username'
Interface to Implement
Symfony\Component\Security\Core\User\PasswordUpgraderInterface.
This interface implement the only one method that rehash the password before saving it in the database. See the full documentation on Github
Phpunit Assertion for Email
In Symfony 4.4, the components Mailer and Mime (introduced in Symfony 4.3), come with some new phpunit assertions to test emails.
See the code below
// tests/Controller/DefaultControllerTest.php
namespace App\Tests\Controller;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
class DefaultControllerTest extends WebTestCase
{
public function testSomething()
{
$client = static::createClient();
$client->request('GET', '/newsletter-signup');
// ...
$this->assertEmailCount(2);
$this->assertEmailIsQueued($this->getMailerEvent(0));
$email = $this->getMailerMessage(0);
$this->assertEmailHeaderSame($email, 'To', 'fabien@symfony.com');
$this->assertEmailTextBodyContains($email, 'Welcome to Symfony!');
$this->assertEmailAttachementCount($email, 1);
}
}