Hey everyone,

I've finally upgraded an old 3.4 instance to 5.4. But I'm still stuck with the new password upgrading system. Currently, my passwords are hashed using sha512 and I want to upgrade that to using the auto hasher (i.e. the best that's currently available). So I've configured two password hashers, like this:

    password_hashers:
        legacy:
            algorithm: sha512
            iterations: 1103
            encode_as_base64: true
        App\Entity\User:
            algorithm: auto
            migrate_from:
                - legacy

Besides, I made my User hasher aware by implementing the PasswordHasherAwareInterface like this:

    public function getPasswordHasherName(): ?string
    {
        if (null !== $this->salt) {
            return 'legacy';
        }

        return null;
    }

You can already see that my old hasher used a separate salt column, and the contents of that column determine whether this is a legacy or a 'new' hashed password.

I've also implemented the PasswordUpgraderInterface at my user repository. Now, the problem is that the upgrade method of the user repository is never called.

I've debugged a bit using dump 😅, and when I successfully authenticate with a user that still has a salted password, in the PasswordMigratingListener the retrieved $passwordHasher is the MessageDigestPasswordHasher (where needsRehash() returns false). While I would assume here it is the MigratingPasswordHasher.

What is going wrong here? Am I misconfiguring the hashers? Or can the migrate_from option not be used together with a PasswordHasherAwareInterface and/or PasswordUpgraderInterface?