feat(update): apply recipes:update symfony/security-bundle

2023-01-08 19:22:59 +01:00 · 2023-01-08 19:22:59 +01:00 · b22db21ea4
parent b9b6d968aa
commit b22db21ea4
2 changed files with 22 additions and 4 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@ -4,6 +4,11 @@ security:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
+    enable_authenticator_manager: true
+    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
+    password_hashers:
+        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
+    # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
@ -52,3 +57,16 @@ security:
        - { path: ^/admin/file_manager, roles: ROLE_WRITER }
        - { path: ^/admin, roles: ROLE_USER }
        - { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+
+when@test:
+    security:
+        password_hashers:
+            # By default, password hashers are resource intensive and take time. This is
+            # important to generate secure password hashes. In tests however, secure hashes
+            # are not important, waste resources and increase test times. The following
+            # reduces the work factor to the lowest possible values.
+            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
+                algorithm: auto
+                cost: 4 # Lowest possible value for bcrypt
+                time_cost: 3 # Lowest possible value for argon
+                memory_cost: 10 # Lowest possible value for argon
--- a/symfony.lock
+++ b/symfony.lock
@ -546,12 +546,12 @@
        ]
    },
    "symfony/security-bundle": {
-        "version": "5.1",
+        "version": "5.4",
        "recipe": {
            "repo": "github.com/symfony/recipes",
-            "branch": "master",
-            "version": "5.1",
-            "ref": "0a4bae19389d3b9cba1ca0102e3b2bccea724603"
+            "branch": "main",
+            "version": "5.3",
+            "ref": "98f1f2b0d635908c2b40f3675da2d23b1a069d30"
        },
        "files": [
            "config/packages/security.yaml"