2020-03-10 19:04:22 +00:00
|
|
|
security:
|
2021-11-16 14:48:18 +00:00
|
|
|
enable_authenticator_manager: true
|
|
|
|
password_hashers:
|
|
|
|
App\Entity\LocalUser:
|
|
|
|
algorithm: auto
|
|
|
|
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
|
2021-11-16 14:48:18 +00:00
|
|
|
providers:
|
2021-10-10 17:41:30 +01:00
|
|
|
local_user:
|
|
|
|
chain:
|
|
|
|
providers: [local_user_by_nickname, local_user_by_email]
|
|
|
|
local_user_by_nickname:
|
2020-07-22 12:45:03 +01:00
|
|
|
entity:
|
|
|
|
class: 'App\Entity\LocalUser'
|
|
|
|
property: 'nickname'
|
2021-10-10 17:41:30 +01:00
|
|
|
local_user_by_email:
|
|
|
|
entity:
|
|
|
|
class: 'App\Entity\LocalUser'
|
2021-11-16 14:48:18 +00:00
|
|
|
property: 'outgoing_email'
|
2020-03-10 19:04:22 +00:00
|
|
|
firewalls:
|
|
|
|
dev:
|
|
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
|
|
security: false
|
2022-01-15 18:03:07 +00:00
|
|
|
oauth_token:
|
2022-01-15 20:05:28 +00:00
|
|
|
pattern: ^/oauth/(token|authorize)$
|
2022-01-15 18:03:07 +00:00
|
|
|
security: false
|
|
|
|
api_apps:
|
|
|
|
pattern: ^/api/v1/apps$
|
|
|
|
security: false
|
|
|
|
api:
|
|
|
|
guard:
|
|
|
|
authenticators:
|
|
|
|
- Trikoder\Bundle\OAuth2Bundle\Security\Guard\Authenticator\OAuth2Authenticator
|
|
|
|
provider: local_user
|
|
|
|
pattern: ^/api/
|
|
|
|
security: true
|
|
|
|
stateless: true
|
2020-03-10 19:04:22 +00:00
|
|
|
main:
|
2021-11-16 14:48:18 +00:00
|
|
|
entry_point: App\Security\Authenticator
|
2020-07-22 02:58:25 +01:00
|
|
|
guard:
|
2021-11-16 14:48:18 +00:00
|
|
|
authenticators:
|
|
|
|
- App\Security\Authenticator
|
|
|
|
provider: local_user
|
|
|
|
form_login:
|
|
|
|
login_path: security_login
|
|
|
|
check_path: security_login
|
|
|
|
enable_csrf: true
|
2020-07-22 02:58:25 +01:00
|
|
|
logout:
|
2021-10-10 17:41:30 +01:00
|
|
|
path: security_logout
|
2020-07-22 02:58:25 +01:00
|
|
|
# where to redirect after logout
|
2021-12-23 13:27:31 +00:00
|
|
|
target: root
|
2020-07-22 02:58:25 +01:00
|
|
|
|
|
|
|
remember_me:
|
|
|
|
secret: '%kernel.secret%'
|
|
|
|
secure: true
|
|
|
|
httponly: '%remember_me_httponly%'
|
|
|
|
samesite: '%remember_me_samesite%'
|
|
|
|
token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider'
|
2020-03-10 19:04:22 +00:00
|
|
|
|
|
|
|
# activate different ways to authenticate
|
|
|
|
# https://symfony.com/doc/current/security.html#firewalls-authentication
|
|
|
|
|
|
|
|
# https://symfony.com/doc/current/security/impersonating_user.html
|
|
|
|
# switch_user: true
|
|
|
|
|
|
|
|
# Easy way to control access for large sections of your site
|
|
|
|
# Note: Only the *first* access control that matches will be used
|
|
|
|
access_control:
|
2020-07-22 02:58:25 +01:00
|
|
|
- { path: ^/admin, roles: ROLE_ADMIN }
|
|
|
|
- { path: ^/settings, roles: ROLE_USER }
|
2022-01-14 14:30:55 +00:00
|
|
|
- { path: ^/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
|