Having issue in merchant user creation
Hi team,
I'm encountering an error while creating merchant user from merchants->merchantEdit->add merchant user . (this issue occurs sometimes not always)
Error : "Uncaught exception 'ValueError' with message 'Bcrypt password must not contain null character'" when using the following function:
password_hash($password, PASSWORD_BCRYPT);
After some debugging, I found that Spryker uses this method:
public function generateRandomByteString(int $length = 32): string
{ return random_bytes($length);
}
It seems that this function can generate null characters, which might be causing the error when used in password hashing.
Do I understand this issue correctly? Can anyone confirm?
Answers
-
fsmeier Senior Software Engineer & Developer Enablement Advocate Sprykee Posts: 1,087 ⚖️ - Guardians (admin)Heyhey @bhupendra.doniwal ,
can you please create an official support ticket for that and link the issue number here so I can log some more feedback there?
For me it seems like an issue from a php update, see also https://stackoverflow.com/questions/78646470/how-to-prevent-null-bytes-from-being-passed-to-bcrypt-password-hash (maybe also use that link in the ticket as explanation).
All the best,
Florian
0 -
fsmeier Senior Software Engineer & Developer Enablement Advocate Sprykee Posts: 1,087 ⚖️ - Guardians (admin)
Heyhey @bhupendra.doniwal ,
which version of the module
spryker/merchant-userdo you have? In version 1.6.0 there was a fix related to that.Maybe this solves it?
All the best,
Florian
0 -
Hey @fsmeier ,
Thank you for your response,
As of now i have fixed that issue by using following method$userTransfer->setPassword( bin2hex($this->utilTextService->generateRandomByteString(static::USER_CREATION_DEFAULT_PASSWORD_LENGTH)), )->setStatus($this->merchantUserConfig->getUserCreationStatus());0 -
You're absolutely right, @bhupendra.doniwal, nulls may happen!
I checked the latest version of the code, and we have fixed this issue, and now use a String generator, not a ByteString one:
Please update your module!
0
Categories
- All Categories
- 42 Getting Started & Guidelines
- 7 Getting Started in the Community
- 8 Additional Resources
- 7 Community Ideas and Feedback
- 78 Spryker News
- 935 Developer Corner
- 793 Spryker Development
- 90 Spryker Dev Environment
- 362 Spryker Releases
- 3 Oryx frontend framework
- 35 Propel ORM
- 68 Community Projects
- 3 Community Ideation Board
- 30 Hackathon
- 3 PHP Bridge
- 6 Gacela Project
- 26 Job Opportunities
- 3.2K 📜 Slack Archives
- 116 Academy
- 5 Business Users
- 370 Docker
- 551 Slack General
- 2K Help
- 75 Knowledge Sharing
- 6 Random Stuff
- 4 Code Testing
- 33 Product & Business Questions
- 69 Spryker Safari Questions
- 50 Random