| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- security:
- enable_authenticator_manager: true
- password_hashers:
- App\Entity\LocalUser:
- algorithm: auto
- # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
- providers:
- local_user:
- chain:
- providers: [local_user_by_nickname, local_user_by_email]
- local_user_by_nickname:
- entity:
- class: 'App\Entity\LocalUser'
- property: 'nickname'
- local_user_by_email:
- entity:
- class: 'App\Entity\LocalUser'
- property: 'outgoing_email'
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- api_apps:
- pattern: ^/api/v1/apps$
- security: false
- api_token:
- pattern: ^/oauth/token$
- security: false
- api:
- provider: local_user
- pattern: ^/api/
- security: true
- stateless: true
- main:
- entry_point: App\Security\Authenticator
- guard:
- authenticators:
- - App\Security\Authenticator
- provider: local_user
- form_login:
- login_path: security_login
- check_path: security_login
- enable_csrf: true
- logout:
- path: security_logout
- # where to redirect after logout
- target: root
- remember_me:
- secret: '%kernel.secret%'
- secure: true
- httponly: '%remember_me_httponly%'
- samesite: '%remember_me_samesite%'
- token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider'
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#firewalls-authentication
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- - { path: ^/admin, roles: ROLE_ADMIN }
- - { path: ^/settings, roles: ROLE_USER }
- - { path: ^/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
|
