Implement change password in Symfony2

Question

What is the best way to implement change password functionality in Symfony2? Right now I'm using this:

$builder->add('password', 'repeated', array(     'first_name' => 'New password',     'second_name' => 'Confirm new password',     'type' => 'password' )); 

It should also contain the current password check for security reasons.

Note: I'm not using FOSUserBundle.

Answer 1

Since Symfony 2.3 you can easily use UserPassword validation constraint.

Acme\UserBundle\Form\Model\ChangePassword.php

namespace Acme\UserBundle\Form\Model;  use Symfony\Component\Security\Core\Validator\Constraints as SecurityAssert; use Symfony\Component\Validator\Constraints as Assert;  class ChangePassword {     /**      * @SecurityAssert\UserPassword(      *     message = "Wrong value for your current password"      * )      */      protected $oldPassword;      /**      * @Assert\Length(      *     min = 6,      *     minMessage = "Password should be at least 6 chars long"      * )      */      protected $newPassword; } 

Acme\UserBundle\Form\ChangePasswordType.php

namespace Acme\UserBundle\Form;  use Symfony\Component\Form\AbstractType; use Symfony\Component\Form\FormBuilderInterface; use Symfony\Component\OptionsResolver\OptionsResolverInterface;  class ChangePasswordType extends AbstractType {     public function buildForm(FormBuilderInterface $builder, array $options)     {         $builder->add('oldPassword', 'password');         $builder->add('newPassword', 'repeated', array(             'type' => 'password',             'invalid_message' => 'The password fields must match.',             'required' => true,             'first_options'  => array('label' => 'Password'),             'second_options' => array('label' => 'Repeat Password'),         ));     }      public function setDefaultOptions(OptionsResolverInterface $resolver)     {         $resolver->setDefaults(array(             'data_class' => 'Acme\UserBundle\Form\Model\ChangePassword',         ));     }      public function getName()     {         return 'change_passwd';     } } 

Acme\UserBundle\Controller\DemoController.php

namespace Acme\UserBundle\Controller;  use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Symfony\Component\HttpFoundation\Request; use Acme\UserBundle\Form\ChangePasswordType; use Acme\UserBundle\Form\Model\ChangePassword;  class DemoController extends Controller {     public function changePasswdAction(Request $request)     {       $changePasswordModel = new ChangePassword();       $form = $this->createForm(new ChangePasswordType(), $changePasswordModel);        $form->handleRequest($request);        if ($form->isSubmitted() && $form->isValid()) {           // perform some action,           // such as encoding with MessageDigestPasswordEncoder and persist           return $this->redirect($this->generateUrl('change_passwd_success'));       }        return $this->render('AcmeUserBundle:Demo:changePasswd.html.twig', array(           'form' => $form->createView(),       ));           } }