symfony / recipes

Symfony Recipes Repository
https://github.com/symfony/recipes/blob/flex/main/RECIPES.md
MIT License

[symfony/security-bundle] Leverage the `LogoutRouteLoader` #1244

Status: Closed (MatTheCat closed 9 months ago)

MatTheCat commented 9 months ago
| Q | A |
| --- | --- |
| License | MIT |
| Doc issue/PR | https://github.com/symfony/symfony-docs/pull/19000 |

Related to https://github.com/symfony/symfony/pull/50946

github-actions[bot] commented 9 months ago

Thanks for the PR 😍

How to test these changes in your application

  1. Define the SYMFONY_ENDPOINT environment variable:

    # On Unix-like (BSD, Linux and macOS)
    export SYMFONY_ENDPOINT=https://raw.githubusercontent.com/symfony/recipes/flex/pull-1244/index.json
    # On Windows
    SET SYMFONY_ENDPOINT=https://raw.githubusercontent.com/symfony/recipes/flex/pull-1244/index.json
  2. Install the package(s) related to this recipe:

    composer req 'symfony/flex:^1.16'
    composer req 'symfony/security-bundle:^6.4'
  3. Don't forget to unset the SYMFONY_ENDPOINT environment variable when done:

    # On Unix-like (BSD, Linux and macOS)
    unset SYMFONY_ENDPOINT
    # On Windows
    SET SYMFONY_ENDPOINT=

Diff between recipe versions

In order to help with the review stage, I'm in charge of computing the diff between the various versions of patched recipes. I'm going to keep this comment up to date with any updates of the attached patch.

symfony/security-bundle

3.3 vs 4.4 ```diff diff --git a/symfony/security-bundle/3.3/config/packages/security.yaml b/symfony/security-bundle/4.4/config/packages/security.yaml index f7ae4b7..811681e 100644 --- a/symfony/security-bundle/3.3/config/packages/security.yaml +++ b/symfony/security-bundle/4.4/config/packages/security.yaml @@ -7,7 +7,7 @@ security: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: - anonymous: true + anonymous: lazy provider: users_in_memory # activate different ways to authenticate ```
4.4 vs 5.1 ```diff diff --git a/symfony/security-bundle/4.4/config/packages/security.yaml b/symfony/security-bundle/5.1/config/packages/security.yaml index 811681e..0e4cf3d 100644 --- a/symfony/security-bundle/4.4/config/packages/security.yaml +++ b/symfony/security-bundle/5.1/config/packages/security.yaml @@ -7,7 +7,8 @@ security: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: - anonymous: lazy + anonymous: true + lazy: true provider: users_in_memory # activate different ways to authenticate ```
5.1 vs 5.3 ```diff diff --git a/symfony/security-bundle/5.1/config/packages/security.yaml b/symfony/security-bundle/5.3/config/packages/security.yaml index 0e4cf3d..789a9ac 100644 --- a/symfony/security-bundle/5.1/config/packages/security.yaml +++ b/symfony/security-bundle/5.3/config/packages/security.yaml @@ -1,5 +1,9 @@ security: - # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers + enable_authenticator_manager: true + # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords + password_hashers: + Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' + # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider providers: users_in_memory: { memory: null } firewalls: @@ -7,12 +11,11 @@ security: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: - anonymous: true lazy: true provider: users_in_memory # activate different ways to authenticate - # https://symfony.com/doc/current/security.html#firewalls-authentication + # https://symfony.com/doc/current/security.html#the-firewall # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true @@ -22,3 +25,16 @@ security: access_control: # - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/profile, roles: ROLE_USER } + +when@test: + security: + password_hashers: + # By default, password hashers are resource intensive and take time. This is + # important to generate secure password hashes. In tests however, secure hashes + # are not important, waste resources and increase test times. The following + # reduces the work factor to the lowest possible values. + Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: + algorithm: auto + cost: 4 # Lowest possible value for bcrypt + time_cost: 3 # Lowest possible value for argon + memory_cost: 10 # Lowest possible value for argon 
diff --git a/symfony/security-bundle/5.1/manifest.json b/symfony/security-bundle/5.3/manifest.json index 5d8527e..4a48e0c 100644 --- a/symfony/security-bundle/5.1/manifest.json +++ b/symfony/security-bundle/5.3/manifest.json @@ -5,5 +5,8 @@ "copy-from-recipe": { "config/": "%CONFIG_DIR%/" }, - "aliases": ["security"] + "aliases": ["security"], + "conflict": { + "symfony/framework-bundle": "<5.3" + } } ```
5.3 vs 6.0 ```diff diff --git a/symfony/security-bundle/5.3/config/packages/security.yaml b/symfony/security-bundle/6.0/config/packages/security.yaml index 789a9ac..367af25 100644 --- a/symfony/security-bundle/5.3/config/packages/security.yaml +++ b/symfony/security-bundle/6.0/config/packages/security.yaml @@ -1,5 +1,4 @@ security: - enable_authenticator_manager: true # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords password_hashers: Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' ```
6.0 vs 6.4 ```diff diff --git a/symfony/security-bundle/6.4/config/routes/security.yaml b/symfony/security-bundle/6.4/config/routes/security.yaml new file mode 100644 index 0000000..f853be1 --- /dev/null +++ b/symfony/security-bundle/6.4/config/routes/security.yaml @@ -0,0 +1,3 @@ +_security_logout: + resource: security.route_loader.logout + type: service ```
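
Review bot: In the 5.1 vs 5.3 diff, the `when@test:` block added at the end of security.yaml lowers the work factors (`cost: 4`, `time_cost: 3`, `memory_cost: 10`) for the same `PasswordAuthenticatedUserInterface` key that the top-level `password_hashers` sets to `'auto'`, and its comment explains why that is acceptable in tests but not that the values are unsuitable anywhere else. Because this file is copied into new applications, I would add one sentence to the comment saying these settings must stay under `when@test` and must not be moved into the top-level `security:` block, so that a later edit does not carry them into an environment that stores real password hashes.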
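
Review bot: In the 6.0 vs 6.4 diff, the new config/routes/security.yaml carries no comment, whereas security.yaml links each of its sections to the documentation. The three added lines give no hint as to which setting makes `security.route_loader.logout` produce a route, and this diff leaves security.yaml itself unchanged, so please add a short comment above `_security_logout:` (or a link to the page from the doc PR) saying that the route is loaded from the firewall's logout configuration and what an application that already declares its logout route by hand should do with this file.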