Add security key to BilletOrder, QR code helper text

- securityKey: HMAC-SHA256(reference, APP_SECRET) truncated to 16 hex chars - Generated automatically at ticket creation via BilletOrderService - Deterministic: same reference + secret = same key, verifiable server-side - Cannot be forged without knowing APP_SECRET - PDF: "Presentez ce QR code pour valider votre ticket" under QR code - PDF: "Cle de securite" displayed with letter-spacing - Tests: generateSecurityKey determinism, uniqueness, format Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-21 16:43:59 +01:00
parent 6cd91a7c8e
commit b0dead8120
5 changed files with 76 additions and 0 deletions
--- a/migrations/Version20260321230000.php
+++ b/migrations/Version20260321230000.php
@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+final class Version20260321230000 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'Add security_key to billet_order';
+    }
+
+    public function up(Schema $schema): void
+    {
+        $this->addSql("ALTER TABLE billet_order ADD COLUMN IF NOT EXISTS security_key VARCHAR(16) DEFAULT '' NOT NULL");
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql('ALTER TABLE billet_order DROP COLUMN IF EXISTS security_key');
+    }
+}