Mathias STRASSER
c5e6c1d810
L'inscription Classeo se fait via invitation : un admin crée un compte, l'utilisateur reçoit un lien d'activation par email pour définir son mot de passe. Ce flow sécurisé évite les inscriptions non autorisées et garantit que seuls les utilisateurs légitimes accèdent au système. Points clés de l'implémentation : - Tokens d'activation à usage unique stockés en cache (Redis/filesystem) - Validation du consentement parental pour les mineurs < 15 ans (RGPD) - L'échec d'activation ne consume pas le token (retry possible) - Users dans un cache séparé sans TTL (pas d'expiration) - Hot reload en dev (FrankenPHP sans mode worker) Story: 1.3 - Inscription et activation de compte
75 lines
2.5 KiB
Bash
75 lines
2.5 KiB
Bash
# In all environments, the following files are loaded if they exist,
|
|
# the latter taking precedence over the former:
|
|
#
|
|
# * .env contains default values for the environment variables needed by the app
|
|
# * .env.local uncommitted file with local overrides
|
|
# * .env.$APP_ENV committed environment-specific defaults
|
|
# * .env.$APP_ENV.local uncommitted environment-specific overrides
|
|
#
|
|
# Real environment variables win over .env files.
|
|
#
|
|
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
|
|
# https://symfony.com/doc/current/configuration/secrets.html
|
|
#
|
|
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
|
|
|
|
###> symfony/framework-bundle ###
|
|
APP_ENV=dev
|
|
APP_SECRET=change_me_in_production_12345678
|
|
TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
TRUSTED_HOSTS=^(localhost|php|127\.0\.0\.1|(.+\.)?classeo\.local)$
|
|
###< symfony/framework-bundle ###
|
|
|
|
###> doctrine/doctrine-bundle ###
|
|
DATABASE_URL="postgresql://classeo:classeo@db:5432/classeo_master?serverVersion=18&charset=utf8"
|
|
###< doctrine/doctrine-bundle ###
|
|
|
|
###> symfony/messenger ###
|
|
MESSENGER_TRANSPORT_DSN=amqp://guest:guest@rabbitmq:5672/%2f/messages
|
|
###< symfony/messenger ###
|
|
|
|
###> lexik/jwt-authentication-bundle ###
|
|
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
|
|
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
|
|
JWT_PASSPHRASE=classeo_jwt_passphrase_change_me
|
|
###< lexik/jwt-authentication-bundle ###
|
|
|
|
###> redis ###
|
|
REDIS_URL=redis://redis:6379
|
|
###< redis ###
|
|
|
|
###> mercure ###
|
|
MERCURE_URL=http://mercure/.well-known/mercure
|
|
MERCURE_PUBLIC_URL=http://localhost:3000/.well-known/mercure
|
|
MERCURE_JWT_SECRET=mercure_publisher_secret_change_me_in_production
|
|
###< mercure ###
|
|
|
|
###> meilisearch ###
|
|
MEILISEARCH_URL=http://meilisearch:7700
|
|
MEILISEARCH_API_KEY=masterKey
|
|
###< meilisearch ###
|
|
|
|
###> symfony/mailer ###
|
|
MAILER_DSN=smtp://mailpit:1025
|
|
###< symfony/mailer ###
|
|
|
|
###> symfony/routing ###
|
|
# Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
|
|
# See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
|
|
DEFAULT_URI=http://localhost
|
|
###< symfony/routing ###
|
|
|
|
###> multi-tenant ###
|
|
# Base domain for tenant resolution (e.g., classeo.fr, classeo.local)
|
|
TENANT_BASE_DOMAIN=classeo.local
|
|
###< multi-tenant ###
|
|
|
|
###> app ###
|
|
# Frontend URL for emails and links
|
|
APP_URL=http://localhost:5173
|
|
###< app ###
|
|
|
|
###> nelmio/cors-bundle ###
|
|
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
|
|
###< nelmio/cors-bundle ###
|