Merge pull request 'Maj env et doc' (#26) from redis-sentinel into develop
Cadoles/hydra-sql/pipeline/head This commit is unstable Details

Reviewed-on: #26
This commit is contained in:
Matthieu Lamalle 2023-12-12 08:48:57 +01:00
commit 72e912facb
4 changed files with 13 additions and 6 deletions

2
.env
View File

@ -40,4 +40,4 @@ LOCK_DSN=flock
###> sentry/sentry-symfony ###
SENTRY_DSN=
###< sentry/sentry-symfony ###
REDIS_URL=redis://redis:6379
REDIS_DSN=redis://redis:6379

View File

@ -9,7 +9,7 @@ framework:
# Redis
app: cache.adapter.redis
default_redis_provider: '%env(REDIS_URL)%'
default_redis_provider: '%env(REDIS_DSN)%'
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
#app: cache.adapter.apcu

View File

@ -12,7 +12,7 @@ framework:
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
handler_id: '%env(REDIS_URL)%'
handler_id: '%env(REDIS_DSN)%'
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native
@ -31,4 +31,4 @@ when@test:
framework:
test: true
session:
storage_factory_id: session.storage.factory.mock_file
storage_factory_id: session.storage.factory.mock_file

View File

@ -36,6 +36,7 @@ DSN_REMOTE_DATABASE="pgsql:host='postgres';port=5432;dbname=lasql"
APP_LOCALES="fr,en"
HASH_ALGO_LEGACY="sha256, bcrypt"
SECURITY_PATTERN="password,salt,pepper"
REDIS_DSN="redis://redis:6379
PEPPER=
```
## Tests password
@ -59,6 +60,12 @@ et conserver le pepper dans service.yaml
env(PEPPER): "257d62c24cd352c21b51c26dba678c8ff05011a89022aec106185bf67c69aa8b"
```
### Redis
La variable `REDIS_DSN` est obligatoire. Hydra-sql utilise dorénavant Redis pour le stockage du cache et des session. Compatible Redis Sentinel
ex : `'redis:?host[redis1:26379]&host[redis2:26379]&host[redis3:26379]&redis_sentinel=mymaster'`
### mariadb
```
En plus de tester la connexion à une différente base de donnée, on teste le hashage de password sans salt ni pepper
@ -107,7 +114,7 @@ Permet d'adapter les requetes SQL à la base de donnée utilisée en indiquant l
pdo_configuration/pdo.yaml
```
sql_login:
sql_login:
login_column_name: email
password_column_name: password
salt_column_name: ~
@ -127,4 +134,4 @@ sql_login:
|`hydra-sql`|Login/Consent/Logout App (ce projet)|`8082`|
|`postgres`| Base de donnée postgres support du test et pour hydra|`5432`
|`mariadb`| Base de donnée mariadb support du test|`3306`
|`pgadmin`| pour administrer la base de donnée |`8085`
|`pgadmin`| pour administrer la base de donnée |`8085`