prise en compte du cookie_path #8

Merged
rmasson merged 1 commits from issue-cookie into develop 2023-01-09 15:10:18 +01:00
5 changed files with 19 additions and 9 deletions
Showing only changes of commit df73cede0f - Show all commits

2
.env
View File

@ -30,7 +30,7 @@ BASE_URL='http://localhost:8080'
HYDRA_ADMIN_BASE_URL='http://hydra:4445' HYDRA_ADMIN_BASE_URL='http://hydra:4445'
APP_LOCALES="fr,en" APP_LOCALES="fr,en"
SECURITY_PATTERN= SECURITY_PATTERN=
HASH_ALGO_LEGACY="sha256" HASH_ALGO_LEGACY="sha256,ssha"
###> symfony/lock ### ###> symfony/lock ###
# Choose one of the stores below # Choose one of the stores below
# postgresql+advisory://db_user:db_password@localhost/db_name # postgresql+advisory://db_user:db_password@localhost/db_name

10
.gitignore vendored
View File

@ -4,18 +4,18 @@
/config/secrets/prod/prod.decrypt.private.php /config/secrets/prod/prod.decrypt.private.php
/public/bundles/ /public/bundles/
/var/ /var/
/vendor /vendor
/tools/php-cs-fixer/vendor /tools/php-cs-fixer/vendor
/node_modules/ /node_modules/
/public/build/ /public/build/
npm-debug.log npm-debug.log
yarn-error.log yarn-error.log
supervisord.log
supervisord.pid
composer.phar
/.vscode /.vscode
/.cache/ /.cache
/.config /.config
/.npm /.npm
/.local /.local
/supervisord.log /.bash_history
/supervisord.pid
.cache

View File

@ -1,4 +1,9 @@
# see https://symfony.com/doc/current/reference/configuration/framework.html parameters:
base_url: '%env(BASE_URL)%'
env(BASE_URL): '//'
cookie_path: '%env(COOKIE_PATH)%'
env(COOKIE_PATH): '/'
framework: framework:
secret: '%env(APP_SECRET)%' secret: '%env(APP_SECRET)%'
#csrf_protection: true #csrf_protection: true
@ -11,7 +16,12 @@ framework:
cookie_secure: auto cookie_secure: auto
cookie_samesite: lax cookie_samesite: lax
storage_factory_id: session.storage.factory.native storage_factory_id: session.storage.factory.native
cookie_path: "%cookie_path%"
assets:
base_urls: '%base_url%'
router:
default_uri: '%base_url%'
#esi: true #esi: true
#fragments: true #fragments: true
php_errors: php_errors:

View File

@ -1,7 +1,7 @@
sql_login: sql_login:
login_column_name: email login_column_name: email
password_column_name: password password_column_name: password
salt_column_name: salt salt_column_name: ~
table_name: usager table_name: usager
data_to_fetch: data_to_fetch:
- email - email

View File

@ -42,7 +42,7 @@ class HydraService extends AbstractController
// si le challenge est validé par hydra, on le stocke en session pour l'utiliser par la suite et on redirige vers une route interne protégée qui va déclencher l'identification FranceConnect // si le challenge est validé par hydra, on le stocke en session pour l'utiliser par la suite et on redirige vers une route interne protégée qui va déclencher l'identification FranceConnect
$this->session->set('challenge', $loginRequestInfo['challenge']); $this->session->set('challenge', $loginRequestInfo['challenge']);
return new RedirectResponse($this->baseUrl.'/login'); return new RedirectResponse($this->baseUrl.'/connect/login-accept');
} }
public function handleConsentRequest(Request $request) public function handleConsentRequest(Request $request)