Merge pull request #690 from touhidurabir/i9895_main
pkp/pkp-lib#9895 app key and encryption service integration
touhidurabir authored Jul 1, 2024
2 parents 6090e2d + 5be468e commit 275914d
Showing 4 changed files with 21 additions and 7 deletions.
17 changes: 12 additions & 5 deletions config.TEMPLATE.inc.php
Expand Up @@ -24,6 +24,10 @@

[general]

; An application specific key that is required for the app to run
; Internally this is used for any encryption (specifically cookie encryption if enabled)
app_key =

; Set this to On once the system has been installed
; (This is generally done automatically by the installer)
installed = Off
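Review bot: The comment added above app_key says the key is required for the app to run, yet the template ships it empty and does not say how a value is produced or what form it must take. Please state in the comment whether the installer or upgrade fills it in or the administrator must, that it is a secret that should not be shared or committed, and that changing it invalidates anything already encrypted with it, in the way the removed session_cookie_encryption_key comment warned about logouts.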
Expand All @@ -50,11 +54,6 @@
; To set the "Secure" attribute for the cookie see the setting force_ssl at the [security] group
session_samesite = Lax

; Enable this if want to enable cookie encryption
; The length of the cookie encryption key must be 16 characters
; Note that updating or removing cookie encryption key will result in logout from all devices
; session_cookie_encryption_key = ''

; Enable support for running scheduled tasks
; Set this to On if you have set up the scheduled tasks script to
; execute periodically
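Review bot: Removing the session_cookie_encryption_key block leaves nothing in the template for sites that already set this option in their config.inc.php. Please say whether an existing value is ignored after the upgrade or carried over, and keep the removed warning that changing the key logs users out on all devices next to whichever setting now has that effect.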
Expand Down Expand Up @@ -260,6 +259,14 @@

[security]

; Specific cipher algorithm used to generate app key and encryption purpose
; Valid and available algorithms are `aes-128-cbc`, `aes-256-cbc`, `aes-128-gcm` and `aes-256-gcm`
; cipher = 'aes-256-cbc'

; Define should the cookie at user's end need to be encrypted
; Enabling/Disabling will force all user to re-login
; cookie_encryption = On

; Force SSL connections site-wide and also sets the "Secure" flag for session cookies
; See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#secure
force_ssl = Off
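Review bot: The cipher comment says the algorithm is "used to generate app key", which ties the app_key in [general] to the value chosen here, but nothing warns that switching cipher later may require a new key. Please spell out that dependency, and state what applies when cipher and cookie_encryption are left commented out, since both examples are. The line "Define should the cookie at user's end need to be encrypted" would read better as "Whether cookies sent to the user are encrypted".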
1 change: 1 addition & 0 deletions dbscripts/xml/upgrade.xml
Expand Up @@ -109,6 +109,7 @@

<upgrade minversion="3.1.0.0" maxversion="3.4.9.9">
<migration class="PKP\migration\upgrade\v3_5_0\PreflightCheckMigration" fallback="3.4.9.9" />
<migration class="PKP\migration\upgrade\v3_5_0\I9895_AddAppKeyToConfigFile"/>
<migration class="PKP\migration\upgrade\v3_5_0\InstallEmailTemplates"/>
<migration class="PKP\migration\upgrade\v3_5_0\I9197_MigrateAccessKeys"/>
<migration class="PKP\migration\upgrade\v3_5_0\I9253_SiteAnnouncements"/>
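Review bot: I9895_AddAppKeyToConfigFile is registered in the list of upgrade migrations but, going by its name, it writes to the config file rather than the database. Please confirm what the upgrade does when config.inc.php is not writable or already contains an app_key, and document that behaviour, since the release notes promise the key is added automatically at upgrade.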
8 changes: 7 additions & 1 deletion docs/release-notes/README-3.5.0
Expand Up @@ -11,9 +11,15 @@ See config.TEMPLATE.inc.php for a description and examples of all supported
configuration parameters.

New config.inc.php parameters added for general:
- session_cookie_enctyption_key (default value: ''), allow cookie encryption when set
- app_key (default value: ''), application specific key will used internally for encryption/decryption. This will be automatically added at upgrade.

New config.inc.php parameters added for security:
- cipher (default value: ''), cipher algorithm used to generate app key and encryption purpose
- cookie_encryption (default value: ''), allow cookie encryption when set


New Features
------------
#9566 : Convert session and cookie management to Laravel
#9895 : Introduce APP KEY feature of Laravel
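Review bot: The defaults given for the new security parameters are '' for both cipher and cookie_encryption, while config.TEMPLATE.inc.php in this same commit shows 'aes-256-cbc' and On as the commented examples; please state the effective defaults consistently in both places. In the app_key entry "will used" should read "will be used", and the dropped session_cookie_enctyption_key entry would be better listed as a removed parameter than deleted without mention.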
