[DEFAULTS] Add password hashing algorithm default settings

This commit is contained in:
Hugo Sales 2020-07-22 11:48:32 +00:00 committed by Hugo Sales
parent 0ef9223803
commit fc4d8bcf65

View File

@ -65,7 +65,10 @@ abstract class DefaultSettings
'x_static_delivery' => null, 'x_static_delivery' => null,
'defaults_modified' => time(), 'defaults_modified' => time(),
], ],
'security' => ['hash_algos' => ['sha1', 'sha256', 'sha512']], // set to null for anything that hash_hmac() can handle (and is in hash_algos()) 'security' => [
'algorithm' => 'bcrypt', // bcrypt, argon2i or argon2id
'options' => ['cost' => 12], // for argon, ['memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST, 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS]
],
'db' => ['mirror' => null], // TODO implement 'db' => ['mirror' => null], // TODO implement
'cache' => [ 'cache' => [
'notice_max_count' => 128, 'notice_max_count' => 128,
@ -244,11 +247,19 @@ abstract class DefaultSettings
'discovery' => ['CORS' => false], // Allow Cross-Origin Resource Sharing for service discovery (host-meta, XRD, etc.) 'discovery' => ['CORS' => false], // Allow Cross-Origin Resource Sharing for service discovery (host-meta, XRD, etc.)
]; ];
if (!DB::getConnection()->getSchemaManager()->tablesExist(['config'])) {
return;
}
try {
$modified = Common::config('site', 'defaults_modified'); $modified = Common::config('site', 'defaults_modified');
if ($modified > filemtime(__FILE__)) { if ($modified > filemtime(__FILE__)) {
// Don't bother modifying the table if this file is older // Don't bother modifying the table if this file is older
return; return;
} }
} catch (\Exception $e) {
// It seems the table wasn't initialized yet, carry on
}
self::loadDefaults($_ENV['APP_ENV'] == 'prod'); self::loadDefaults($_ENV['APP_ENV'] == 'prod');
} }