typisttech / wp-password-argon-two-env
Convert environment variables to WP Password Argon Two required constants.
Fund package maintenance!
typist.tech/donation
Requires
- php: ^7.2 || ^8.0
- oscarotero/env: ^2.1
- typisttech/wp-password-argon-two: ^0.2.0
This package is auto-updated.
Last update: 2024-08-12 20:20:21 UTC
README
Caution
WP Password Argon Two has been abandoned. Hence, WP Password Argon Two Env as well.
If you want to maintain a fork of WP Password Argon Two, read this blog post (Wayback Machine snaptshot). Otherwise, use roots/wp-password-bcrypt.
WP Password Argon Two Env
Convert environment variables to WP Password Argon Two required constants.
- Goal
- Installation
- Usage
- Frequently Asked Questions
- Support!
- Developing
- Feedback
- Change Log
- Security
- Credits
- License
Goal
Defining WP Password Argon Two required constants in application code violates 12-factor principle.
This package allows you configure WP Password Argon Two with environment variables.
Installation
➜ composer require typisttech/wp-password-argon-two-env
In wp-config.php or Bedrock's config/application.php:
TypistTech\WPPasswordArgonTwo\Env\Converter::run();
Usage
On your server, define these environment variables:
WP_PASSWORD_ARGON_TWO_PEPPERWP_PASSWORD_ARGON_TWO_OPTION_MEMORY_COSTWP_PASSWORD_ARGON_TWO_OPTION_TIME_COSTWP_PASSWORD_ARGON_TWO_OPTION_THREADSWP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_<integer>
Only WP_PASSWORD_ARGON_TWO_PEPPER is required. Others are optional.
Fallback peppers must start with 1 and consecutive. For example:
WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_1WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_2WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_3
Trellis
Trellis users could add environment variables under wordpress_sites:
# group_vars/<env>/vault.yml vault_wordpress_sites: example.com: env: wp_password_argon_two_pepper: 'your_long_and_random_pepper' wp_password_argon_two_fallback_pepper_1: 'your_second_oldest_pepper' wp_password_argon_two_fallback_pepper_2: 'your_oldest_pepper' # group_vars/<env>/wordpress_sites.yml wordpress_sites: example.com: env: wp_password_argon_two_option_memory_cost: 131072 # 128 Mb wp_password_argon_two_option_time_cost: 4 wp_password_argon_two_option_threads: 3
Encrypting vault.yml files is important! Learn more on Trellis docs.
Frequently Asked Questions
Why I got InsecureConfigException (Pepper should not be empty)?
Because... pepper should not be empty.
WP_PASSWORD_ARGON_TWO_PEPPER environment variable isn't defined properly.
Does it work when WP Password Argon Two installed as a must-use plugin?
No.
It looks awesome. Where can I find some more goodies like this?
- Articles on Typist Tech's blog
- Tang Rufus' WordPress plugins on wp.org
- More projects on Typist Tech's GitHub profile
- Stay tuned on Typist Tech's newsletter
- Follow Tang Rufus' Twitter account
Support!
Donate
Love WP Password Argon Two Env? Help me maintain it, a donation here can help with it.
Why don't you hire me?
Ready to take freelance WordPress jobs. Contact me via the contact form here or, via email info@typist.tech
Want to help in other way? Want to be a sponsor?
Contact: Tang Rufus
Developing
To set up a developer workable version you should run these commands:
$ composer create-project --keep-vcs --no-install typisttech/wp-password-argon-two-env:dev-master
$ cd wp-password-argon-two-env
$ composer install
Feedback
Please provide feedback! We want to make this library useful in as many projects as possible. Please submit an issue and point out what you do and don't like, or fork the project and make suggestions. No issue is too small.
Security
If you discover any security related issues, please email wp-password-argon-two-env@typist.tech instead of using the issue tracker.
Credits
WP Password Argon Two Env is a Typist Tech project and maintained by Tang Rufus, freelance developer for hire.
Full list of contributors can be found here.
License
The MIT License (MIT). Please see License File for more information.