X-Git-Url: https://git.rapsys.eu/blogbundle/blobdiff_plain/4b4eed4b8572973694a305663b37044ac6e1625f..eba201f350cd40d6aac8e6ed5551a3a6088ea3dc:/Resources/config/packages/rapsys_blog.yaml diff --git a/Resources/config/packages/rapsys_blog.yaml b/Resources/config/packages/rapsys_blog.yaml index b57fc12..cd687a4 100644 --- a/Resources/config/packages/rapsys_blog.yaml +++ b/Resources/config/packages/rapsys_blog.yaml @@ -98,11 +98,9 @@ rapsys_user: site: '%rapsys_blog.title%' #Edit replacement edit: - #field: - #mail: false - #password: false - #pseudonym: false - #slug: false + admin: + mail: true + slug: true route: index: 'root' view: @@ -183,7 +181,7 @@ framework: headers: X-Originating-IP: '%env(REMOTE_ADDR)%' secret: '%env(APP_SECRET)%' - #csrf_protection: true + csrf_protection: true session: enabled: true handler_id: ~ @@ -200,8 +198,10 @@ security: #XXX: comment this key in config/security.yaml to prevent users_in_memory induced failures #TODO: see https://symfony.com/doc/current/security/passwords.html (sodium ? + upgrade) Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: - algorithm: 'bcrypt' + #Rapsys\BlogBundle\Entity\User: + algorithm: 'sodium' migrate_from: + - 'bcrypt' - 'plaintext' # Set providers @@ -248,7 +248,6 @@ security: # Password parameter password_parameter: 'login[password]' # Enable login csrf protection - #TODO: enable in framework now that it works here ? enable_csrf: false # Csrf parameter csrf_parameter: 'login[_token]'