Why isPasswordValid() function always return false?

I am working on a simple reset password system with Symfony4.

I don’t know why isPasswordValid() always return false?

I am using Bcrypt to Hash the password
Here is some code of Security.yaml :

            algorithm: bcrypt

I don’t know why isPasswordValid() Always returns false.
I manually tried this:

dump($encoder->isPasswordValid($user, $pass));

and it dump false..

Here is the function I wrote on the controller:

 * @Route("/password", name="change_pass", methods={"GET","POST"})
 * @IsGranted("ROLE_USER")
public function edit(Request $request,UserPasswordEncoderInterface $encoder): Response

    $user = $this->getUser();

    $form = $this->createForm(ResetPassType::class, $user);

    if ($form->isSubmitted() && $form->isValid()) {

        $oldPassword = $request->request->get('reset_pass')['oldPassword'];
        $newPassword = $user->getPassword();

        if ($encoder->isPasswordValid($user, $oldPassword)) {
            $hash = $encoder->encodePassword($user,$newPassword);
            $this->addFlash('success', 'Your password is succesfully changed');
        }else {
            $this->addFlash('fail', 'old password is wrong');


    return $this->render('consultant/changepass.html.twig', [
        'form' => $form->createView(),

Here is the form ResetPassType :

   public function buildForm(FormBuilderInterface $builder, array $options)
        ->add('oldPassword', PasswordType::class, [
            'mapped' => false,])

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *