7f59024bef
- Remove User::$guarded = [] to prevent mass assignment attacks
- Enable SQL strict mode and disable emulated prepares (SQL injection prevention)
- Switch password hashing from bcrypt to argon2id (stronger algorithm)
- Enable session encryption to protect session data at rest
- Restrict TrustProxies to localhost only (prevent IP spoofing)
- Restrict CORS allowed_methods via env variable instead of wildcard
- Add PayPal amount mismatch detection to prevent payment manipulation
- Add double-capture prevention (idempotency check)
- Add expected_amount column to transactions table for verification
55 lines
1.6 KiB
PHP
Executable File
```php
<?php

declare(strict_types=1);

return [

    /*
    |--------------------------------------------------------------------------
    | Default Hash Driver
    |--------------------------------------------------------------------------
    |
    | This option controls the default hash driver that will be used to hash
    | passwords for your application. By default, the bcrypt algorithm is
    | used; however, you remain free to modify this option if you wish.
    |
    | Supported: "bcrypt", "argon", "argon2id"
    |
    */

    'driver' => 'argon2id',

    /*
    |--------------------------------------------------------------------------
    | Bcrypt Options
    |--------------------------------------------------------------------------
    |
    | Here you may specify the configuration options that should be used when
    | passwords are hashed using the Bcrypt algorithm. This will allow you
    | to control the amount of time it takes to hash the given password.
    |
    */

    'bcrypt' => [
        'rounds' => env('BCRYPT_ROUNDS', 12),
    ],

    /*
    |--------------------------------------------------------------------------
    | Argon Options
    |--------------------------------------------------------------------------
    |
    | Here you may specify the configuration options that should be used when
    | passwords are hashed using the Argon algorithm. These will allow you
    | to control the amount of time it takes to hash the given password.
    |
    */

    'argon' => [
        'memory' => 65536,
        'threads' => 1,
        'time' => 4,
    ],

];
```
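Switching the driver from bcrypt to argon2id only changes how new passwords are stored; users whose hashes were created under the old driver still carry bcrypt hashes until they log in again. The following is an added example, not code from the Atomcms-edit repository, showing what that migration looks like with PHP's native password functions using the same cost values as the `'argon'` block above (memory 65536 KiB, time 4, threads 1). Laravel's argon hasher wraps these same functions, so the behaviour matches what the framework does when `Hash::needsRehash()` is consulted at login. It assumes PHP 7.3 or newer built with Argon2 support (`PASSWORD_ARGON2ID` defined); the hash values and the password are constructed for the demo.

```php
<?php
declare(strict_types=1);

// Added example (not part of the project): argon2id hashing with the cost
// parameters from config/hashing.php, plus transparent rehash of legacy
// bcrypt hashes on a successful login. Assumes PHP >= 7.3 with Argon2 support.

const ARGON2ID_OPTIONS = [
    'memory_cost' => 65536, // KiB; matches 'memory' => 65536
    'time_cost'   => 4,     // iterations; matches 'time' => 4
    'threads'     => 1,     // parallelism; matches 'threads' => 1
];

function hashPassword(string $plain): string
{
    return password_hash($plain, PASSWORD_ARGON2ID, ARGON2ID_OPTIONS);
}

/**
 * Verify a login attempt against the stored hash.
 * Returns ['ok' => false, 'newHash' => null] on mismatch.
 * Returns ['ok' => true, 'newHash' => <hash>] when the stored hash was made
 * with a different algorithm or weaker cost settings and must be replaced
 * in the database, or ['ok' => true, 'newHash' => null] when it is current.
 */
function verifyAndMaybeRehash(string $plain, string $storedHash): array
{
    if (!password_verify($plain, $storedHash)) {
        return ['ok' => false, 'newHash' => null];
    }
    if (password_needs_rehash($storedHash, PASSWORD_ARGON2ID, ARGON2ID_OPTIONS)) {
        return ['ok' => true, 'newHash' => hashPassword($plain)];
    }
    return ['ok' => true, 'newHash' => null];
}

// Constructed demo values: a hash produced under the previous 'bcrypt' driver
// (rounds 12) as it would sit in the users table before the driver switch.
$password   = 'correct horse battery staple';
$legacyHash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);

// Wrong password: rejected, nothing rewritten.
$bad = verifyAndMaybeRehash('wrong password', $legacyHash);
assert($bad['ok'] === false && $bad['newHash'] === null);

// Correct password against a bcrypt hash: accepted, and an argon2id hash is
// returned so the caller can persist it (Laravel does this at login).
$first = verifyAndMaybeRehash($password, $legacyHash);
assert($first['ok'] === true && is_string($first['newHash']));
assert(strncmp($first['newHash'], '$argon2id$', 10) === 0);
assert(password_get_info($first['newHash'])['algoName'] === 'argon2id');

// Second login with the stored argon2id hash: accepted, no rehash needed
// because algorithm and cost parameters already match the configuration.
$second = verifyAndMaybeRehash($password, $first['newHash']);
assert($second['ok'] === true && $second['newHash'] === null);

echo "legacy hash: {$legacyHash}\n";
echo "upgraded hash: {$first['newHash']}\n";
```

Two points worth checking in a real deployment: `password_needs_rehash()` also returns true when only the cost parameters differ, so raising `memory`/`time` later upgrades hashes on the same path; and because rehashing needs the plaintext, it can only happen inside a successful login, so accounts that never log in keep their bcrypt hashes indefinitely.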