Renamed User to InMemoryUser¶
Contributed by
Robin Chalas
in #40443.In Symfony applications, the memory user provider allows to create users (and define their credentials) in a configuration file which is loaded in memory, without using databases or any other persisting service. Although this user provider is only for prototypes or very small/special applications, it’s based on a class called User (the entire namespace is Symfony\Component\Security\Core\User\User). This confuses some newcomers, who think this is the main User class in Symfony security. That’s why in Symfony 5.3 we’ve renamed User to InMemoryUser and UserChecker to InMemoryUserChecker to better convey their purpose (in 5.3 the old names still work but they are deprecated and in Symfony 6.0 they will be removed): 1 2 3 4 5 # config/packages/security.yaml security: password_hashers:
- Symfony\Component\Security\Core\User\User: bcrypt
-
Symfony\Component\Security\Core\User\InMemoryUser: bcrypt Renamed username to identifier¶
Contributed by Wouter De Jong in #40403.
Another source of confusion related to users is the concept of “username” which is used in the Symfony security. In many applications this username is not a traditional username, but an email or even some API token. That’s why in Symfony 5.3 we’ve decided to avoid this confusion and we’ve renamed “username” to “user identifier”. This might require some changes in your application code (in 5.3 the old names still work but they are deprecated and in Symfony 6.0 they will be removed): UserInterface::getUsername() is now UserInterface::getUserIdentifier() loadUserByUsername() is now loadUserByUserIdentifier(), both in user loaders and user providers UsernameNotFoundException is now UserNotFoundException Decoupled Passwords from Users¶
Contributed by
Robin Chalas
in #40267.The Symfony\Component\Security\Core\User\UserInterface is implemented by all the security users in Symfony applications. Sadly, this interface is a product of its time and it contains some methods that are no longer used in modern applications. The first unneeded method is getSalt(), which is no longer necessary when using modern password hashing algorithms (bcrypt, Argon2, etc.) This method has been moved to a new LegacyPasswordAuthenticatedUserInterface. The other method is getPassword() which is no longer needed in many password-less features, such as login links. This method has been moved to a new PasswordAuthenticatedUserInterface. In Symfony 5.3, UserInterface implements these two interfaces, so you don’t need to change anything in your code. In Symfony 6.0 that will be no longer the case and you’ll need to implement the new interfaces if you need those methods.
Sponsor the Symfony project.Melden Sie sich an, um einen Kommentar hinzuzufügen
Andere Beiträge in dieser Gruppe
Thank you for joining us at SymfonyOnline June 2025!
What a great edition of SymfonyOnline we’ve just wrapped up! 🎉
We were thrilled to welcome 300 participants from 35 different countries—a
This week, Symfony celebrated the SymfonyOnline June 2025 conference with great success. Meanwhile, development efforts focused on improving invokable commands for the upcoming Symfony 7.4 version. Th
This week, development activity focused on the upcoming Symfony 7.4 and 8.0 versions, which will deprecate and remove many features. In addition, we published a case study about Yousign. Finally, we'r
As digital signatures become the norm in modern business, Yousign has established itself as a trusted leader across Europe. Behind its simple, intuitive interface is a powerful technical engine, handl
Get ready for the exciting SymfonyOnline June 2025, kicking off in a few days only! There’s still time to register and join the international online Symfony conference—along with pre-conferenc
This week, Symfony released the stable version of Symfony 7.3, which includes lots of amazing new features. We also published the maintenance versions 6.4.22 and 7.2.7.
Symfony development highlights
This is the second part of the blog post showcasing the main DX (developer experience) features introduced in Symfony 7.3. Read the first part of this blog post.
Verify URI Signatures… https://symfon
