b0dead8120
- securityKey: HMAC-SHA256(reference, APP_SECRET) truncated to 16 hex chars - Generated automatically at ticket creation via BilletOrderService - Deterministic: same reference + secret = same key, verifiable server-side - Cannot be forged without knowing APP_SECRET - PDF: "Presentez ce QR code pour valider votre ticket" under QR code - PDF: "Cle de securite" displayed with letter-spacing - Tests: generateSecurityKey determinism, uniqueness, format Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
27 lines
638 B
PHP
27 lines
638 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace DoctrineMigrations;
|
|
|
|
use Doctrine\DBAL\Schema\Schema;
|
|
use Doctrine\Migrations\AbstractMigration;
|
|
|
|
final class Version20260321230000 extends AbstractMigration
|
|
{
|
|
public function getDescription(): string
|
|
{
|
|
return 'Add security_key to billet_order';
|
|
}
|
|
|
|
public function up(Schema $schema): void
|
|
{
|
|
$this->addSql("ALTER TABLE billet_order ADD COLUMN IF NOT EXISTS security_key VARCHAR(16) DEFAULT '' NOT NULL");
|
|
}
|
|
|
|
public function down(Schema $schema): void
|
|
{
|
|
$this->addSql('ALTER TABLE billet_order DROP COLUMN IF EXISTS security_key');
|
|
}
|
|
}
|