prise en compte du cookie_path #8

Merged
rmasson merged 1 commits from issue-cookie into develop 2023-01-09 15:10:18 +01:00
5 changed files with 19 additions and 9 deletions

2
.env
View File

@ -30,7 +30,7 @@ BASE_URL='http://localhost:8080'
HYDRA_ADMIN_BASE_URL='http://hydra:4445'
APP_LOCALES="fr,en"
SECURITY_PATTERN=
HASH_ALGO_LEGACY="sha256"
HASH_ALGO_LEGACY="sha256,ssha"
###> symfony/lock ###
# Choose one of the stores below
# postgresql+advisory://db_user:db_password@localhost/db_name

10
.gitignore vendored
View File

@ -4,18 +4,18 @@
/config/secrets/prod/prod.decrypt.private.php
/public/bundles/
/var/
/vendor
/tools/php-cs-fixer/vendor
/node_modules/
/public/build/
npm-debug.log
yarn-error.log
supervisord.log
supervisord.pid
composer.phar
/.vscode
/.cache/
/.cache
/.config
/.npm
/.local
/supervisord.log
/supervisord.pid
.cache
/.bash_history

View File

@ -1,4 +1,9 @@
# see https://symfony.com/doc/current/reference/configuration/framework.html
parameters:
base_url: '%env(BASE_URL)%'
env(BASE_URL): '//'
cookie_path: '%env(COOKIE_PATH)%'
env(COOKIE_PATH): '/'
framework:
secret: '%env(APP_SECRET)%'
#csrf_protection: true
@ -11,7 +16,12 @@ framework:
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native
cookie_path: "%cookie_path%"
assets:
base_urls: '%base_url%'
router:
default_uri: '%base_url%'
#esi: true
#fragments: true
php_errors:

View File

@ -1,7 +1,7 @@
sql_login:
login_column_name: email
password_column_name: password
salt_column_name: salt
salt_column_name: ~
table_name: usager
data_to_fetch:
- email

View File

@ -42,7 +42,7 @@ class HydraService extends AbstractController
// si le challenge est validé par hydra, on le stocke en session pour l'utiliser par la suite et on redirige vers une route interne protégée qui va déclencher l'identification FranceConnect
$this->session->set('challenge', $loginRequestInfo['challenge']);
return new RedirectResponse($this->baseUrl.'/login');
return new RedirectResponse($this->baseUrl.'/connect/login-accept');
}
public function handleConsentRequest(Request $request)