Merge pull request 'prise en compte du cookie_path' (#8) from issue-cookie into develop

Reviewed-on: #8
2023-01-09 15:10:17 +01:00 · 2023-01-09 15:10:17 +01:00 · d7ada479c4
parent b9648231ba df73cede0f
commit d7ada479c4
5 changed files with 19 additions and 9 deletions
--- a/.env
+++ b/.env
@ -30,7 +30,7 @@ BASE_URL='http://localhost:8080'
 HYDRA_ADMIN_BASE_URL='http://hydra:4445'
 APP_LOCALES="fr,en"
 SECURITY_PATTERN=
-HASH_ALGO_LEGACY="sha256"
+HASH_ALGO_LEGACY="sha256,ssha"
 ###> symfony/lock ###
 # Choose one of the stores below
 # postgresql+advisory://db_user:db_password@localhost/db_name
--- a/.gitignore
+++ b/.gitignore
@ -4,18 +4,18 @@
 /config/secrets/prod/prod.decrypt.private.php
 /public/bundles/
 /var/
-
 /vendor
 /tools/php-cs-fixer/vendor
 /node_modules/
 /public/build/
 npm-debug.log
 yarn-error.log
+supervisord.log
+supervisord.pid
+composer.phar
 /.vscode
-/.cache/
+/.cache
 /.config
 /.npm
 /.local
-/supervisord.log
-/supervisord.pid
-.cache
+/.bash_history
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@ -1,4 +1,9 @@
-# see https://symfony.com/doc/current/reference/configuration/framework.html
+parameters:
+    base_url: '%env(BASE_URL)%'
+    env(BASE_URL): '//'
+
+    cookie_path: '%env(COOKIE_PATH)%'
+    env(COOKIE_PATH): '/'
 framework:
    secret: '%env(APP_SECRET)%'
    #csrf_protection: true
@ -11,7 +16,12 @@ framework:
        cookie_secure: auto
        cookie_samesite: lax
        storage_factory_id: session.storage.factory.native
+        cookie_path: "%cookie_path%"
+    assets:
+        base_urls: '%base_url%'

+    router:
+        default_uri: '%base_url%'
    #esi: true
    #fragments: true
    php_errors:
--- a/config/sql_login_configuration/sql_login.yaml
+++ b/config/sql_login_configuration/sql_login.yaml
@ -1,7 +1,7 @@
 sql_login: 
  login_column_name: email
  password_column_name: password
-  salt_column_name: salt
+  salt_column_name: ~
  table_name: usager
  data_to_fetch:
    - email
--- a/src/Hydra/HydraService.php
+++ b/src/Hydra/HydraService.php
@ -42,7 +42,7 @@ class HydraService extends AbstractController
        // si le challenge est validé par hydra, on le stocke en session pour l'utiliser par la suite et on redirige vers une route interne protégée qui va déclencher l'identification FranceConnect
        $this->session->set('challenge', $loginRequestInfo['challenge']);

-        return new RedirectResponse($this->baseUrl.'/login');
+        return new RedirectResponse($this->baseUrl.'/connect/login-accept');
    }

    public function handleConsentRequest(Request $request)