WIP

2026-03-31 17:57:59 +02:00
parent 1b1dab65b6
commit 476060cf7d
45 changed files with 8547 additions and 648 deletions
--- a/config/bundles.php
+++ b/config/bundles.php
@@ -6,7 +6,6 @@ use ApiPlatform\Symfony\Bundle\ApiPlatformBundle;
 use DAMA\DoctrineTestBundle\DAMADoctrineTestBundle;
 use Doctrine\Bundle\DoctrineBundle\DoctrineBundle;
 use Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle;
-use Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle;
 use Nelmio\CorsBundle\NelmioCorsBundle;
 use Symfony\AI\McpBundle\McpBundle;
 use Symfony\Bundle\FrameworkBundle\FrameworkBundle;
@@ -14,14 +13,13 @@ use Symfony\Bundle\SecurityBundle\SecurityBundle;
 use Symfony\Bundle\TwigBundle\TwigBundle;

 return [
-    FrameworkBundle::class              => ['all' => true],
-    TwigBundle::class                   => ['all' => true],
-    SecurityBundle::class               => ['all' => true],
-    DoctrineBundle::class               => ['all' => true],
-    DoctrineMigrationsBundle::class     => ['all' => true],
-    NelmioCorsBundle::class             => ['all' => true],
-    ApiPlatformBundle::class            => ['all' => true],
-    LexikJWTAuthenticationBundle::class => ['all' => true],
-    DAMADoctrineTestBundle::class       => ['test' => true],
-    McpBundle::class                    => ['all' => true],
+    FrameworkBundle::class          => ['all' => true],
+    TwigBundle::class               => ['all' => true],
+    SecurityBundle::class           => ['all' => true],
+    DoctrineBundle::class           => ['all' => true],
+    DoctrineMigrationsBundle::class => ['all' => true],
+    NelmioCorsBundle::class         => ['all' => true],
+    ApiPlatformBundle::class        => ['all' => true],
+    DAMADoctrineTestBundle::class   => ['test' => true],
+    McpBundle::class                => ['all' => true],
 ];
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -3,7 +3,10 @@ framework:
    secret: '%env(APP_SECRET)%'

    # Note that the session will be started ONLY if you read or write from it.
-    session: true
+    session:
+        cookie_secure: auto
+        cookie_samesite: lax
+        cookie_httponly: true

    #esi: true
    #fragments: true
--- a/config/packages/lexik_jwt_authentication.yaml
+++ b/config/packages/lexik_jwt_authentication.yaml
@@ -1,4 +0,0 @@
-lexik_jwt_authentication:
-    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
-    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
-    pass_phrase: '%env(JWT_PASSPHRASE)%'
--- a/config/packages/rate_limiter.yaml
+++ b/config/packages/rate_limiter.yaml
@@ -4,3 +4,7 @@ framework:
            policy: sliding_window
            limit: 5
            interval: '1 minute'
+        login:
+            policy: sliding_window
+            limit: 5
+            interval: '1 minute'