75dd98668c
Some checks failed
CI / secret-scan (push) Successful in 9s
CI / php-lint (push) Successful in 17s
CI / static-tests (pull_request) Successful in 29s
CI / auto-merge (push) Has been skipped
CI / static-tests (push) Successful in 28s
CI / secret-scan (pull_request) Successful in 7s
CI / php-lint (pull_request) Successful in 16s
CI / auto-merge (pull_request) Failing after 7s
PinVerifier verifie un PIN soumis contre user.pin_hash (argon2id, default-deny, filtre is_active = 1) et porte la politique de longueur (chiffres ASCII, bornes min/max STAFF_PIN_*, RG-T18). Primitif reutilise par chaque operation sensible en P3 (annulation, prix/TVA, suppressions, inventaire, gestion user/RBAC, effacement PII) ; le flux PIN + audit_log dans la meme transaction est specifie dans docs/uml/security-sequence.md. Un decoy argon2id sur le chemin sans PIN egalise le timing (anti-enumeration). Tests unit + integration (auto-skippee), dont la garde du filtre is_active contre le vrai schema. |
||
|---|---|---|
| .. | ||
| AuthorizerDbTest.php | ||
| AuthServiceDbTest.php | ||
| PinVerifierDbTest.php | ||