composer update symfony/* to ^5.4. Updating index.php to 5.4, adding security deprecations (#26), some small refactoring.
This commit is contained in:
parent
f4769ed931
commit
3b7b07fd0d
2
.env
2
.env
|
@ -5,8 +5,6 @@
|
|||
###> symfony/framework-bundle ###
|
||||
APP_ENV=dev
|
||||
APP_SECRET=xxx
|
||||
#TRUSTED_PROXIES=127.0.0.1,127.0.0.2
|
||||
#TRUSTED_HOSTS=localhost,example.com
|
||||
###< symfony/framework-bundle ###
|
||||
|
||||
###> doctrine/doctrine-bundle ###
|
||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -4,6 +4,7 @@
|
|||
/.env.local
|
||||
/.env.local.php
|
||||
/.env.*.local
|
||||
/config/secrets/prod/prod.decrypt.private.php
|
||||
/public/bundles/
|
||||
/var/
|
||||
/vendor/
|
||||
|
|
|
@ -31,27 +31,28 @@
|
|||
"sensio/framework-extra-bundle": "^6.0",
|
||||
"sentry/sentry-symfony": "^4",
|
||||
"suin/php-rss-writer": "^1.6",
|
||||
"symfony/asset": "5.0.*",
|
||||
"symfony/console": "5.0.*",
|
||||
"symfony/dotenv": "^5.0",
|
||||
"symfony/expression-language": "5.0.*",
|
||||
"symfony/asset": "^5.4",
|
||||
"symfony/console": "^5.4",
|
||||
"symfony/dotenv": "^5.4",
|
||||
"symfony/expression-language": "^5.4",
|
||||
"symfony/flex": "^1.0",
|
||||
"symfony/form": "5.0.*",
|
||||
"symfony/framework-bundle": "5.0.*",
|
||||
"symfony/http-client": "5.0.*",
|
||||
"symfony/mailer": "5.0.*",
|
||||
"symfony/form": "^5.4",
|
||||
"symfony/framework-bundle": "^5.4",
|
||||
"symfony/http-client": "^5.4",
|
||||
"symfony/mailer": "^5.4",
|
||||
"symfony/monolog-bundle": "^3.3",
|
||||
"symfony/property-access": "^5.0",
|
||||
"symfony/property-info": "^5.0",
|
||||
"symfony/security-bundle": "5.0.*",
|
||||
"symfony/serializer": "5.0.*",
|
||||
"symfony/translation": "5.0.*",
|
||||
"symfony/twig-bundle": "5.0.*",
|
||||
"symfony/validator": "5.0.*",
|
||||
"symfony/yaml": "5.0.*"
|
||||
"symfony/property-access": "^5.4",
|
||||
"symfony/property-info": "^5.4",
|
||||
"symfony/runtime": "^5.4",
|
||||
"symfony/security-bundle": "^5.4",
|
||||
"symfony/serializer": "^5.4",
|
||||
"symfony/translation": "^5.4",
|
||||
"symfony/twig-bundle": "^5.4",
|
||||
"symfony/validator": "^5.4",
|
||||
"symfony/yaml": "^5.4"
|
||||
},
|
||||
"require-dev": {
|
||||
"symfony/web-profiler-bundle": "^5.0",
|
||||
"symfony/web-profiler-bundle": "^5.4",
|
||||
"symfony/web-server-bundle": "^4.1"
|
||||
},
|
||||
"config": {
|
||||
|
@ -60,7 +61,8 @@
|
|||
},
|
||||
"sort-packages": true,
|
||||
"allow-plugins": {
|
||||
"symfony/flex": true
|
||||
"symfony/flex": true,
|
||||
"symfony/runtime": true
|
||||
}
|
||||
},
|
||||
"autoload": {
|
||||
|
|
1839
composer.lock
generated
1839
composer.lock
generated
File diff suppressed because it is too large
Load diff
25
config/packages/cache.yaml
Normal file
25
config/packages/cache.yaml
Normal file
|
@ -0,0 +1,25 @@
|
|||
framework:
|
||||
cache:
|
||||
# Unique name of your app: used to compute stable namespaces for cache keys.
|
||||
#prefix_seed: your_vendor_name/app_name
|
||||
|
||||
# The "app" cache stores to the filesystem by default.
|
||||
# The data in this cache should persist between deploys.
|
||||
# Other options include:
|
||||
|
||||
# Redis
|
||||
#app: cache.adapter.redis
|
||||
#default_redis_provider: redis://localhost
|
||||
|
||||
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
|
||||
#app: cache.adapter.apcu
|
||||
|
||||
# Namespaced pools use the above "app" backend by default
|
||||
#pools:
|
||||
#my.dedicated.cache: null
|
||||
prefix_seed: magnetico-web
|
||||
pools:
|
||||
magneticod.cache:
|
||||
adapter: cache.adapter.redis
|
||||
provider: '%env(REDIS_DSN)%'
|
||||
default_lifetime: 600
|
|
@ -1,36 +1,24 @@
|
|||
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
||||
framework:
|
||||
secret: '%env(APP_SECRET)%'
|
||||
#default_locale: en
|
||||
#csrf_protection: true
|
||||
#http_method_override: true
|
||||
http_method_override: false
|
||||
|
||||
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
||||
# Remove or comment this section to explicitly disable session support.
|
||||
session:
|
||||
handler_id: ~
|
||||
handler_id: null
|
||||
cookie_secure: auto
|
||||
cookie_samesite: lax
|
||||
storage_factory_id: session.storage.factory.native
|
||||
|
||||
#esi: true
|
||||
#fragments: true
|
||||
php_errors:
|
||||
log: true
|
||||
|
||||
cache:
|
||||
# Put the unique name of your app here: the prefix seed
|
||||
# is used to compute stable namespaces for cache keys.
|
||||
#prefix_seed: your_vendor_name/app_name
|
||||
|
||||
# The app cache caches to the filesystem by default.
|
||||
# Other options include:
|
||||
|
||||
# Redis
|
||||
#app: cache.adapter.redis
|
||||
#default_redis_provider: redis://localhost
|
||||
|
||||
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
|
||||
#app: cache.adapter.apcu
|
||||
prefix_seed: magnetico-web
|
||||
pools:
|
||||
magneticod.cache:
|
||||
adapter: cache.adapter.redis
|
||||
provider: '%env(REDIS_DSN)%'
|
||||
default_lifetime: 600
|
||||
when@test:
|
||||
framework:
|
||||
test: true
|
||||
session:
|
||||
storage_factory_id: session.storage.factory.mock_file
|
||||
|
|
5
config/preload.php
Normal file
5
config/preload.php
Normal file
|
@ -0,0 +1,5 @@
|
|||
<?php
|
||||
|
||||
if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
|
||||
require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
_errors:
|
||||
resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
|
||||
prefix: /_error
|
4
config/routes/framework.yaml
Normal file
4
config/routes/framework.yaml
Normal file
|
@ -0,0 +1,4 @@
|
|||
when@dev:
|
||||
_errors:
|
||||
resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
|
||||
prefix: /_error
|
|
@ -1,3 +1,6 @@
|
|||
# This file is the entry point to configure your own services.
|
||||
# Files in the packages/ subdirectory configure your dependencies.
|
||||
|
||||
# Put parameters here that don't need to change on each machine where the app is deployed
|
||||
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
|
||||
parameters:
|
||||
|
@ -18,8 +21,10 @@ services:
|
|||
$newUserInvites: '%env(NEW_USER_INVITES)%'
|
||||
$fromAddress: '%env(MAILER_FROM)%'
|
||||
|
||||
# makes classes in src/ available to be used as services
|
||||
# this creates a service per class whose id is the fully-qualified class name
|
||||
App\:
|
||||
resource: '../src/*'
|
||||
resource: '../src/'
|
||||
exclude: '../src/{Api/V1/{DTO},Magnetico/{Entity,Migrations},Entity,FormRequest,Migrations,Tests,View,Kernel.php}'
|
||||
# Use array in exclude config from Symfony 4.2
|
||||
#- '../src/Api/V1/{DTO}'
|
||||
|
|
|
@ -2,30 +2,9 @@
|
|||
declare(strict_types=1);
|
||||
|
||||
use App\Kernel;
|
||||
use Symfony\Component\Dotenv\Dotenv;
|
||||
use Symfony\Component\ErrorHandler\Debug;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
|
||||
require dirname(__DIR__).'/vendor/autoload.php';
|
||||
require_once dirname(__DIR__).'/vendor/autoload_runtime.php';
|
||||
|
||||
(new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
|
||||
|
||||
if ($_SERVER['APP_DEBUG']) {
|
||||
umask(0000);
|
||||
|
||||
Debug::enable();
|
||||
}
|
||||
|
||||
if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) {
|
||||
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO);
|
||||
}
|
||||
|
||||
if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) {
|
||||
Request::setTrustedHosts([$trustedHosts]);
|
||||
}
|
||||
|
||||
$kernel = new Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']);
|
||||
$request = Request::createFromGlobals();
|
||||
$response = $kernel->handle($request);
|
||||
$response->send();
|
||||
$kernel->terminate($request, $response);
|
||||
return function (array $context) {
|
||||
return new Kernel($context['APP_ENV'], (bool) $context['APP_DEBUG']);
|
||||
};
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
|
||||
namespace App\Feed;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Helper;
|
||||
|
||||
|
|
|
@ -3,59 +3,9 @@
|
|||
namespace App;
|
||||
|
||||
use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait;
|
||||
use Symfony\Component\Config\Loader\LoaderInterface;
|
||||
use Symfony\Component\Config\Resource\FileResource;
|
||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||
use Symfony\Component\HttpKernel\Kernel as BaseKernel;
|
||||
use Symfony\Component\Routing\RouteCollectionBuilder;
|
||||
|
||||
class Kernel extends BaseKernel
|
||||
{
|
||||
use MicroKernelTrait;
|
||||
|
||||
const CONFIG_EXTS = '.{php,xml,yaml,yml}';
|
||||
|
||||
public function getCacheDir()
|
||||
{
|
||||
return $this->getProjectDir().'/var/cache/'.$this->environment;
|
||||
}
|
||||
|
||||
public function getLogDir()
|
||||
{
|
||||
return $this->getProjectDir().'/var/log';
|
||||
}
|
||||
|
||||
public function registerBundles()
|
||||
{
|
||||
$contents = require $this->getProjectDir().'/config/bundles.php';
|
||||
foreach ($contents as $class => $envs) {
|
||||
if (isset($envs['all']) || isset($envs[$this->environment])) {
|
||||
yield new $class();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader)
|
||||
{
|
||||
$container->addResource(new FileResource($this->getProjectDir().'/config/bundles.php'));
|
||||
// Feel free to remove the "container.autowiring.strict_mode" parameter
|
||||
// if you are using symfony/dependency-injection 4.0+ as it's the default behavior
|
||||
$container->setParameter('container.autowiring.strict_mode', true);
|
||||
$container->setParameter('container.dumper.inline_class_loader', true);
|
||||
$confDir = $this->getProjectDir().'/config';
|
||||
|
||||
$loader->load($confDir.'/{packages}/*'.self::CONFIG_EXTS, 'glob');
|
||||
$loader->load($confDir.'/{packages}/'.$this->environment.'/**/*'.self::CONFIG_EXTS, 'glob');
|
||||
$loader->load($confDir.'/{services}'.self::CONFIG_EXTS, 'glob');
|
||||
$loader->load($confDir.'/{services}_'.$this->environment.self::CONFIG_EXTS, 'glob');
|
||||
}
|
||||
|
||||
protected function configureRoutes(RouteCollectionBuilder $routes)
|
||||
{
|
||||
$confDir = $this->getProjectDir().'/config';
|
||||
|
||||
$routes->import($confDir.'/{routes}/*'.self::CONFIG_EXTS, '/', 'glob');
|
||||
$routes->import($confDir.'/{routes}/'.$this->environment.'/**/*'.self::CONFIG_EXTS, '/', 'glob');
|
||||
$routes->import($confDir.'/{routes}'.self::CONFIG_EXTS, '/', 'glob');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Search;
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Security;
|
||||
|
||||
|
@ -13,6 +14,9 @@ use Symfony\Component\Security\Core\User\{UserInterface, UserProviderInterface};
|
|||
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
|
||||
use Symfony\Component\Serializer\SerializerInterface;
|
||||
|
||||
/**
|
||||
* @deprecated Refactor to new Authenticators system @see https://gitlab.com/skobkin/magnetico-web/-/issues/26
|
||||
*/
|
||||
class ApiTokenAuthenticator extends AbstractGuardAuthenticator
|
||||
{
|
||||
public const TOKEN_HEADER = 'api-token';
|
||||
|
@ -108,9 +112,9 @@ class ApiTokenAuthenticator extends AbstractGuardAuthenticator
|
|||
{
|
||||
$request = $this->requestStack->getCurrentRequest();
|
||||
|
||||
$tokenKey = $request->headers->get(self::TOKEN_HEADER) ?:
|
||||
$request->cookies->get(self::TOKEN_HEADER) ?:
|
||||
$request->query->get(self::TOKEN_HEADER)
|
||||
$tokenKey = $request?->headers?->get(self::TOKEN_HEADER) ?:
|
||||
$request?->cookies?->get(self::TOKEN_HEADER) ?:
|
||||
$request?->query?->get(self::TOKEN_HEADER)
|
||||
;
|
||||
|
||||
return new AuthenticatedApiToken(
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Security\Token;
|
||||
|
||||
|
@ -6,7 +7,11 @@ use App\Entity\User;
|
|||
use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
|
||||
use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
|
||||
|
||||
/** This token stores ApiToken key even after eraseCredentials() called */
|
||||
/**
|
||||
* This token stores ApiToken key even after eraseCredentials() called
|
||||
*
|
||||
* @deprecated Refactor to new Authenticators system @see https://gitlab.com/skobkin/magnetico-web/-/issues/26
|
||||
*/
|
||||
class AuthenticatedApiToken extends PreAuthenticatedToken implements GuardTokenInterface
|
||||
{
|
||||
/** @var string|null This token is stored only for this request and will not be erased by eraseCredentials() or serialized */
|
||||
|
|
23
symfony.lock
23
symfony.lock
|
@ -271,13 +271,23 @@
|
|||
"version": "v4.1.0"
|
||||
},
|
||||
"symfony/framework-bundle": {
|
||||
"version": "3.3",
|
||||
"version": "5.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "master",
|
||||
"version": "3.3",
|
||||
"ref": "1279df12895f20d8076324036431833181eb6645"
|
||||
}
|
||||
"branch": "main",
|
||||
"version": "5.4",
|
||||
"ref": "3cd216a4d007b78d8554d44a5b1c0a446dab24fb"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/cache.yaml",
|
||||
"config/packages/framework.yaml",
|
||||
"config/preload.php",
|
||||
"config/routes/framework.yaml",
|
||||
"config/services.yaml",
|
||||
"public/index.php",
|
||||
"src/Controller/.gitignore",
|
||||
"src/Kernel.php"
|
||||
]
|
||||
},
|
||||
"symfony/http-client": {
|
||||
"version": "v4.4.2"
|
||||
|
@ -291,9 +301,6 @@
|
|||
"symfony/http-kernel": {
|
||||
"version": "v4.1.0"
|
||||
},
|
||||
"symfony/intl": {
|
||||
"version": "v4.1.0"
|
||||
},
|
||||
"symfony/mailer": {
|
||||
"version": "4.3",
|
||||
"recipe": {
|
||||
|
|
Loading…
Reference in a new issue