fix(auth): remove the dead PASSWORD_ALGO knob (argon2id is hard-coded)
All checks were successful
CI / php-lint (push) Successful in 26s
CI / static-tests (push) Successful in 35s
CI / php-lint (pull_request) Successful in 23s
CI / auto-merge (push) Has been skipped
CI / auto-merge (pull_request) Successful in 5s
CI / secret-scan (push) Successful in 13s
CI / secret-scan (pull_request) Successful in 11s
CI / static-tests (pull_request) Successful in 43s
PASSWORD_ALGO was exposed (.env.example + docker-compose) as if the hashing algorithm were configurable, but PasswordHasher hard-codes PASSWORD_ARGON2ID: setting PASSWORD_ALGO=bcrypt would have had no effect (a fake lever, with a risk of false confidence in an inactive setting). argon2id is a non-configurable security-by-design choice. We therefore remove the variable (.env.example + compose) and document the intent in PasswordHasher::hash. The COSTS (ARGON2_MEMORY/TIME/THREADS) remain tunable and honoured. No code read PASSWORD_ALGO: no behaviour change.
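The design the commit describes (algorithm pinned in code, only the costs read from the environment) is shown below as an added example; it is not the project's PasswordHasher. ARGON2_MEMORY_COST is the variable name visible in the compose file, while ARGON2_TIME_COST and ARGON2_THREADS are assumed names, and the class name, bounds and the needsRehash() method are additions of this example.

```php
<?php
declare(strict_types=1);

// Added example (not the project's App\Auth\PasswordHasher): a hasher that pins
// the algorithm to argon2id and reads only the cost parameters from the
// environment. ARGON2_MEMORY_COST matches the project's compose file;
// ARGON2_TIME_COST and ARGON2_THREADS are assumed names.
final class FixedArgon2idHasher
{
    // PASSWORD_ARGON2ID exists only when PHP was built with Argon2 support
    // (PHP >= 7.3), so fail at construction rather than at the first login.
    public function __construct()
    {
        if (!defined('PASSWORD_ARGON2ID')) {
            throw new RuntimeException('PHP was built without Argon2id support');
        }
    }

    /** Cost options from the environment: OWASP-style defaults, bounded and validated. */
    public function options(): array
    {
        return [
            'memory_cost' => self::intEnv('ARGON2_MEMORY_COST', 19 * 1024, 8 * 1024, 1024 * 1024), // KiB
            'time_cost'   => self::intEnv('ARGON2_TIME_COST', 2, 1, 10),
            'threads'     => self::intEnv('ARGON2_THREADS', 1, 1, 8),
        ];
    }

    public function hash(string $plain): string
    {
        // Algorithm fixed in code: there is no PASSWORD_ALGO lookup, so a stray
        // PASSWORD_ALGO=bcrypt in a .env can never weaken newly created hashes.
        return password_hash($plain, PASSWORD_ARGON2ID, $this->options());
    }

    public function verify(string $plain, string $hash): bool
    {
        return password_verify($plain, $hash);
    }

    /** True when a stored hash uses another algorithm or older cost parameters. */
    public function needsRehash(string $hash): bool
    {
        return password_needs_rehash($hash, PASSWORD_ARGON2ID, $this->options());
    }

    private static function intEnv(string $name, int $default, int $min, int $max): int
    {
        $raw = getenv($name);
        if ($raw === false || $raw === '') {
            return $default;
        }
        if (!ctype_digit($raw)) {
            throw new InvalidArgumentException("$name must be a positive integer, got '$raw'");
        }
        $value = (int) $raw;
        if ($value < $min || $value > $max) {
            throw new InvalidArgumentException("$name=$value is outside [$min, $max]");
        }
        return $value;
    }
}

// Usage sketch: a leftover PASSWORD_ALGO has no effect, a cost change applies
// to new hashes, and an older hash is flagged for rehash at login time.
putenv('PASSWORD_ALGO=bcrypt');                     // ignored by design
$hasher = new FixedArgon2idHasher();
$hash = $hasher->hash('correct horse battery staple');
assert(str_starts_with($hash, '$argon2id$'));
assert($hasher->verify('correct horse battery staple', $hash));

putenv('ARGON2_TIME_COST=3');                       // operator raises the time cost
assert($hasher->needsRehash($hash));                // old hash is below the new cost
```

The rehash check is what keeps the "costs remain tunable" promise true for existing accounts: password_hash() embeds the parameters in the hash string, so raising ARGON2_* only affects new hashes unless the verify path rehashes on successful login.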
parent ad5203d3fc
commit c4c55338ac
3 changed files with 6 additions and 4 deletions
@ -62,9 +62,9 @@ SESSION_NAME=WAKDO_SID # nom du cookie (evite PHPSESSID)
# Doit correspondre exactement a APP_URL_KIOSK (pas de wildcard).
CORS_ALLOWED_ORIGIN=https://kiosk.example.com
# Algorithme de hashage mot de passe (password_hash PHP).
# argon2id recommande depuis PHP 7.3 pour les nouveaux projets.
PASSWORD_ALGO=argon2id
# Algorithme de hashage : argon2id, FIXE dans le code (App\Auth\PasswordHasher),
# choix security-by-design non configurable (pas de bascule runtime vers un algo
# plus faible). Seuls les COUTS ci-dessous sont reglables.
# Parametres de cout argon2id (password_hash options).
# Defauts alignes sur les recommandations OWASP Password Storage Cheat Sheet
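Review bot: with the line "# argon2id recommande depuis PHP 7.3 pour les nouveaux projets." removed, nothing in this block tells an operator that the fixed algorithm has a runtime prerequisite: PASSWORD_ARGON2ID is only defined when PHP was built with Argon2 support (PHP 7.3+), so the new "FIXE dans le code" comment should say so. One more line stating that a PASSWORD_ALGO left in an existing .env is now ignored would also prevent a stale value from being mistaken for an active setting.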
@ -134,7 +134,6 @@ services:
SESSION_LIFETIME_ABSOLUTE: ${SESSION_LIFETIME_ABSOLUTE}
SESSION_NAME: ${SESSION_NAME}
CORS_ALLOWED_ORIGIN: ${CORS_ALLOWED_ORIGIN}
PASSWORD_ALGO: ${PASSWORD_ALGO}
# Cout argon2id (password_hash) : aligne sur .env.example / OWASP. Sert au
# hash du mot de passe ET du PIN equipier (actions sensibles, P3).
ARGON2_MEMORY_COST: ${ARGON2_MEMORY_COST}
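Review bot: dropping `PASSWORD_ALGO: ${PASSWORD_ALGO}` is right, but the same silent-expansion problem applies to the cost line kept right below it: `ARGON2_MEMORY_COST: ${ARGON2_MEMORY_COST}` expands to an empty string when the variable is unset, and the container then hashes with whatever PasswordHasher falls back to. Consider the Compose required-variable form `${ARGON2_MEMORY_COST:?ARGON2_MEMORY_COST is required}` (or `:-` with the OWASP default the comment refers to) so a missing cost fails the deployment instead of passing through empty.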
@ -24,6 +24,9 @@ final class PasswordHasher
public function hash(string $plain): string
{
// argon2id en dur : choix security-by-design non configurable (pas de
// bascule runtime vers un algo plus faible). Seuls les couts sont lus de
// l'environnement (options()) ; il n'existe donc pas de var PASSWORD_ALGO.
return password_hash($plain, PASSWORD_ARGON2ID, $this->options());
}
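Review bot: the new comment in hash() says the costs are read from the environment, but that holds only for hashes produced after a cost change; a hash stored earlier keeps the parameters embedded in it. The verify path should pair this with `password_needs_rehash($hash, PASSWORD_ARGON2ID, $this->options())` and rehash on successful login, otherwise raising ARGON2_* only protects newly created hashes. Also, "il n'existe donc pas de var PASSWORD_ALGO" reads as if the absence of the variable followed from the costs being read via options(); rephrase it to state the design decision directly.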