-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable with environment variables #254
Comments
The These can be passed as an environment variable, but only without the The reason why you're having problems with the casting might be related to your environment variable names starting with a number. Symfony doesn't like that, rightfully so, as the official definition of environment variable names seems to be:
This is likely the reason why your environment variable values are not recognized and evaluate to a default value of Other options I had to do some research to figure out why you're having problems passing the integer configuration values. I've seen these problems as well during my tests. Here's what I learned: Symfony is only reading environment variable values when the application is started. At this point, the container has been compiled and finalized. To build the container, Symfony requires the configuration options to have some value for the sake of validating the configuration. Symfony uses some "dummy values" (hardcoded here: https://github.com/symfony/symfony/blob/7.2/src/Symfony/Component/DependencyInjection/Compiler/ValidateEnvPlaceholdersPass.php#L29) as stand-ins for environment variables, because it doesn't know the environment variable's actual value at this point. Though these hardcoded dummy values might conflict with the constraints of configuration options, e.g. the There is obviously no way around this, it's how environment variables in Symfony config work. The only thing I could do about it, is relaxing the constraints on configuration options to allow the dummy values to pass. Though I don't know how I feel about that. There's a reason these constraints exist. |
Thank you very much for your detailed response. :)
That makes sense. I'll change these to strings and use "on" or "off" accordingly.
To be honest, my variables are all prefixed as "MFA_" already. I had only renamed them to "2FA_" for here to match more closely with the bundle's name for example purposes. (Personally I prefer "MFA" to "2FA" linguistically for some silly meaningless reason.)
This looks like the more likely cause for the issue I've had. Thanks for pointing to this primary source.
I don't think you should relax the constraints to fit dummy values. I'd be more interested in this issue going up to Symfony to find out more about why the container's values get locked in such a way, and whether anything can be done there to benefit everyone's components. It appears other people have already had this problem: symfony/symfony#57210 In the short term I'll amend my configuration to be more static with some sharp commentary about duplications needing to be updated if amended. Thanks again for your response and excellent bundle. |
What did you use? Wouldn't be much of a hassle to add more strings, that would be evaluated as booleans. Maybe prevents other people from running into the same issue. |
I used "on"/"off" to be in line with Symfony's |
Hello,
Would it be possible to support this component's configuration to be read from environment variables?
The purpose of this would be so that the configuration can be semi-exposed via service parameters to templating or API. This would allow a user account 2FA management interface to adapt according to the application's configuration without duplication of or detachment from the component's configuration. For example only showing a section for activating/managing Google Authenticator if it's been enabled in the component configuration.
This would also allow the configuration to be injected into translation messages, such as a span or tooltip alongside the "This is a trusted device" checkbox to inform the user how long their device will be remembered for.
I did attempt this though it encounters issues. (It may already work with me just getting it wrong instead.)
"%env(bool:2FA_EMAIL_ENABLED)%"
:"%env(2FA_EMAIL_ENABLED)%"
, same as above without a boolean processor:The value is always loosely juggled to
false
from an empty string."%env(int:2FA_TRUSTED_DEVICE_LIFETIME)%"
:The value is always loosely juggled to a
0
from an empty string."%env(2FA_TRUSTED_DEVICE_LIFETIME)%"
, same as above without an int processor:The value is always seen as an empty string.
Example environment variables:
Example "scheb_2fa.yaml" configuration:
The text was updated successfully, but these errors were encountered: