Fix SonarQube issues, store sessions in Redis, use direct analytics URLs

- ApiSandboxController: reduce scan() returns from 4 to 3 via ternary - ApiDocController: add MIME_JSON constant, extract buildInsomniaRequest() and buildInsomniaBody() to reduce cognitive complexity - Store sessions in Redis to fix SSO disconnect with 2 PHP replicas (round-robin load balancing caused session loss on filesystem storage) - Configure session cookie: 24h lifetime, secure auto, samesite lax - Replace Caddy analytics proxies (/stats/*, /assets/perf.js, /sperf) with direct URLs to tools-security.esy-web.dev and cloudflareinsights.com - Update JS tests for new direct analytics URLs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 09:21:19 +01:00
parent 867eaadddf
commit d44e75e3fd
9 changed files with 94 additions and 86 deletions
--- a/ansible/caddy.j2
+++ b/ansible/caddy.j2
@@ -9,27 +9,6 @@ ticket.e-cosplay.fr {
        file_server
    }

-    handle_path /stats/* {
-        rewrite * {uri}
-        reverse_proxy https://tools-security.esy-web.dev {
-            header_up Host tools-security.esy-web.dev
-        }
-    }
-
-    handle /assets/perf.js {
-        rewrite * /beacon.min.js
-        reverse_proxy https://static.cloudflareinsights.com {
-            header_up Host static.cloudflareinsights.com
-        }
-    }
-
-    handle_path /sperf {
-        rewrite * /cdn-cgi/rum
-        reverse_proxy https://cloudflareinsights.com {
-            header_up Host cloudflareinsights.com
-        }
-    }
-
    @maintenance file /var/www/e-ticket/public/.update
    handle @maintenance {
        root * /var/www/e-ticket/public