Fix SonarQube issues, store sessions in Redis, use direct analytics URLs

- ApiSandboxController: reduce scan() returns from 4 to 3 via ternary - ApiDocController: add MIME_JSON constant, extract buildInsomniaRequest() and buildInsomniaBody() to reduce cognitive complexity - Store sessions in Redis to fix SSO disconnect with 2 PHP replicas (round-robin load balancing caused session loss on filesystem storage) - Configure session cookie: 24h lifetime, secure auto, samesite lax - Replace Caddy analytics proxies (/stats/*, /assets/perf.js, /sperf) with direct URLs to tools-security.esy-web.dev and cloudflareinsights.com - Update JS tests for new direct analytics URLs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 09:21:19 +01:00
parent 867eaadddf
commit d44e75e3fd
9 changed files with 94 additions and 86 deletions
--- a/.env
+++ b/.env
@@ -32,6 +32,10 @@ DATABASE_URL="postgresql://app:secret@database:5432/ecosplay?serverVersion=16&ch
 MESSENGER_TRANSPORT_DSN=redis://redis:6379/messages
 ###< symfony/messenger ###

+###> session ###
+SESSION_HANDLER_DSN=redis://redis:6379/sessions
+###< session ###
+
 ###> symfony/mailer ###
 MAILER_DSN=smtp://mailpit:1025
 ###< symfony/mailer ###