AcadeNice/corentin_wakdo
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(auth): retire le bouton mort PASSWORD_ALGO (argon2id fixe dans le code)
All checks were successful
CI / php-lint (push) Successful in 26s
Details
CI / static-tests (push) Successful in 35s
Details
CI / php-lint (pull_request) Successful in 23s
Details
CI / auto-merge (push) Has been skipped
Details
CI / auto-merge (pull_request) Successful in 5s
Details
CI / secret-scan (push) Successful in 13s
Details
CI / secret-scan (pull_request) Successful in 11s
Details
CI / static-tests (pull_request) Successful in 43s
Details

Browse source 
PASSWORD_ALGO etait expose (.env.example + docker-compose) comme si l'algorithme
de hashage etait configurable, mais PasswordHasher code PASSWORD_ARGON2ID en dur :
poser PASSWORD_ALGO=bcrypt n'aurait eu aucun effet (faux levier, risque de fausse
confiance dans une config inactive).

argon2id est un choix security-by-design non configurable. On retire donc la var
(.env.example + compose) et on documente l'intention dans PasswordHasher::hash.
Les COUTS (ARGON2_MEMORY/TIME/THREADS) restent reglables et honores. Aucun code
ne lisait PASSWORD_ALGO : pas de changement de comportement.
This commit is contained in:
Imugiii 2026-06-16 12:08:01 +00:00
parent ad5203d3fc
commit c4c55338ac
3 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.env.example
View file

@ -62,9 +62,9 @@ SESSION_NAME=WAKDO_SID # nom du cookie (evite PHPSESSID)
# Doit correspondre exactement a APP_URL_KIOSK (pas de wildcard). # Doit correspondre exactement a APP_URL_KIOSK (pas de wildcard).
CORS_ALLOWED_ORIGIN=https://kiosk.example.com CORS_ALLOWED_ORIGIN=https://kiosk.example.com
# Algorithme de hashage mot de passe (password_hash PHP). # Algorithme de hashage : argon2id, FIXE dans le code (App\Auth\PasswordHasher),
# argon2id recommande depuis PHP 7.3 pour les nouveaux projets. # choix security-by-design non configurable (pas de bascule runtime vers un algo
PASSWORD_ALGO=argon2id # plus faible). Seuls les COUTS ci-dessous sont reglables.
# Parametres de cout argon2id (password_hash options). # Parametres de cout argon2id (password_hash options).
# Defauts alignes sur les recommandations OWASP Password Storage Cheat Sheet # Defauts alignes sur les recommandations OWASP Password Storage Cheat Sheet

1
docker-compose.yml
View file

@ -134,7 +134,6 @@ services:
SESSION_LIFETIME_ABSOLUTE: ${SESSION_LIFETIME_ABSOLUTE} SESSION_LIFETIME_ABSOLUTE: ${SESSION_LIFETIME_ABSOLUTE}
SESSION_NAME: ${SESSION_NAME} SESSION_NAME: ${SESSION_NAME}
CORS_ALLOWED_ORIGIN: ${CORS_ALLOWED_ORIGIN} CORS_ALLOWED_ORIGIN: ${CORS_ALLOWED_ORIGIN}
PASSWORD_ALGO: ${PASSWORD_ALGO}
# Cout argon2id (password_hash) : aligne sur .env.example / OWASP. Sert au # Cout argon2id (password_hash) : aligne sur .env.example / OWASP. Sert au
# hash du mot de passe ET du PIN equipier (actions sensibles, P3). # hash du mot de passe ET du PIN equipier (actions sensibles, P3).
ARGON2_MEMORY_COST: ${ARGON2_MEMORY_COST} ARGON2_MEMORY_COST: ${ARGON2_MEMORY_COST}

3
src/app/Auth/PasswordHasher.php
View file

@ -24,6 +24,9 @@ final class PasswordHasher
public function hash(string $plain): string public function hash(string $plain): string
{ {
// argon2id en dur : choix security-by-design non configurable (pas de
// bascule runtime vers un algo plus faible). Seuls les couts sont lus de
// l'environnement (options()) ; il n'existe donc pas de var PASSWORD_ALGO.
return password_hash($plain, PASSWORD_ARGON2ID, $this->options()); return password_hash($plain, PASSWORD_ARGON2ID, $this->options());
} }