/** * Attempt to authenticate the provided token using the provided user provider. * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param string $providerKey * @return UsernamePasswordToken * @throws BadCredentialsException */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { if ($user = $userProvider->loadUserByUsername($token->getUsername())) { $userPassword = $user->getPassword(); $tokenCredentials = $token->getCredentials(); if ($userPassword == $this->initPassword && $user instanceof MutableUserInterface && $userProvider instanceof MutableUserProviderInterface) { // set both salt & password $user->setSalt(substr(md5(rand(1, 10000)), 0, 5)); $user->setPassword($this->passwordEncoder->encodePassword($tokenCredentials, $user->getSalt())); // save the user $userProvider->saveUser($user); // return it return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); } else { if ($this->passwordEncoder->isPasswordValid($userPassword, $tokenCredentials, $user->getSalt())) { return new UsernamePasswordToken($user, $userPassword, $providerKey, $user->getRoles()); } } } throw new BadCredentialsException('The presented password is invalid.'); }