X-Git-Url: https://git.rapsys.eu/blogbundle/blobdiff_plain/4b4eed4b8572973694a305663b37044ac6e1625f..b2f5bafdc433f99e1258ec7d6fba9c5b2087421c:/Resources/config/packages/rapsys_blog.yaml

diff --git a/Resources/config/packages/rapsys_blog.yaml b/Resources/config/packages/rapsys_blog.yaml
index b57fc12..cd687a4 100644
--- a/Resources/config/packages/rapsys_blog.yaml
+++ b/Resources/config/packages/rapsys_blog.yaml
@@ -98,11 +98,9 @@ rapsys_user:
             site: '%rapsys_blog.title%'
     #Edit replacement
     edit:
-        #field:
-            #mail: false
-            #password: false
-            #pseudonym: false
-            #slug: false
+        admin:
+            mail: true
+            slug: true
         route:
             index: 'root'
         view:
@@ -183,7 +181,7 @@ framework:
         headers:
             X-Originating-IP: '%env(REMOTE_ADDR)%'
     secret: '%env(APP_SECRET)%'
-    #csrf_protection: true
+    csrf_protection: true
     session:
         enabled: true
         handler_id: ~
@@ -200,8 +198,10 @@ security:
         #XXX: comment this key in config/security.yaml to prevent users_in_memory induced failures
         #TODO: see https://symfony.com/doc/current/security/passwords.html (sodium ? + upgrade)
         Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
-            algorithm: 'bcrypt'
+        #Rapsys\BlogBundle\Entity\User:
+            algorithm: 'sodium'
             migrate_from:
+                - 'bcrypt'
                 - 'plaintext'
 
     # Set providers
@@ -248,7 +248,6 @@ security:
                 # Password parameter
                 password_parameter: 'login[password]'
                 # Enable login csrf protection
-                #TODO: enable in framework now that it works here ?
                 enable_csrf: false
                 # Csrf parameter
                 csrf_parameter: 'login[_token]'