2020-03-10 19:04:22 +00:00
|
|
|
security:
|
2021-11-16 14:48:18 +00:00
|
|
|
enable_authenticator_manager: true
|
|
|
|
password_hashers:
|
|
|
|
App\Entity\LocalUser:
|
|
|
|
algorithm: auto
|
|
|
|
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
|
2021-11-16 14:48:18 +00:00
|
|
|
providers:
|
2021-10-10 17:41:30 +01:00
|
|
|
local_user:
|
|
|
|
chain:
|
|
|
|
providers: [local_user_by_nickname, local_user_by_email]
|
|
|
|
local_user_by_nickname:
|
2020-07-22 12:45:03 +01:00
|
|
|
entity:
|
|
|
|
class: 'App\Entity\LocalUser'
|
|
|
|
property: 'nickname'
|
2021-10-10 17:41:30 +01:00
|
|
|
local_user_by_email:
|
|
|
|
entity:
|
|
|
|
class: 'App\Entity\LocalUser'
|
2021-11-16 14:48:18 +00:00
|
|
|
property: 'outgoing_email'
|
2020-03-10 19:04:22 +00:00
|
|
|
firewalls:
|
|
|
|
dev:
|
|
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
|
|
security: false
|
|
|
|
main:
|
2022-03-08 22:32:18 +00:00
|
|
|
lazy: true
|
2021-11-16 14:48:18 +00:00
|
|
|
provider: local_user
|
|
|
|
form_login:
|
|
|
|
login_path: security_login
|
|
|
|
check_path: security_login
|
2022-03-13 22:27:59 +00:00
|
|
|
default_target_path: root
|
2020-07-22 02:58:25 +01:00
|
|
|
logout:
|
2021-10-10 17:41:30 +01:00
|
|
|
path: security_logout
|
2020-07-22 02:58:25 +01:00
|
|
|
# where to redirect after logout
|
2021-12-23 13:27:31 +00:00
|
|
|
target: root
|
2020-07-22 02:58:25 +01:00
|
|
|
|
2022-03-08 22:32:18 +00:00
|
|
|
# remember_me:
|
|
|
|
# secret: '%kernel.secret%'
|
|
|
|
# secure: true
|
|
|
|
# httponly: '%remember_me_httponly%'
|
|
|
|
# samesite: '%remember_me_samesite%'
|
|
|
|
# token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider'
|
2020-03-10 19:04:22 +00:00
|
|
|
|
2022-03-08 22:32:18 +00:00
|
|
|
# custom_authenticator: 'App\Core\Security'
|
|
|
|
|
|
|
|
# activate different ways to authenticate
|
2020-03-10 19:04:22 +00:00
|
|
|
# https://symfony.com/doc/current/security.html#firewalls-authentication
|
|
|
|
|
|
|
|
# https://symfony.com/doc/current/security/impersonating_user.html
|
|
|
|
# switch_user: true
|
|
|
|
|
|
|
|
# Easy way to control access for large sections of your site
|
|
|
|
# Note: Only the *first* access control that matches will be used
|
|
|
|
access_control:
|
2022-01-22 15:02:21 +00:00
|
|
|
- { path: ^/admin, roles: ROLE_OPERATOR }
|
|
|
|
- { path: ^/settings, roles: ROLE_VISITOR }
|