security: # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: users: entity: class: 'App\Entity\LocalUser' property: 'nickname' firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: true lazy: true provider: users guard: authenticators: - App\Security\Authenticator logout: path: logout # where to redirect after logout target: main_all remember_me: secret: '%kernel.secret%' secure: true httponly: '%remember_me_httponly%' samesite: '%remember_me_samesite%' token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider' # activate different ways to authenticate # https://symfony.com/doc/current/security.html#firewalls-authentication # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - { path: ^/admin, roles: ROLE_ADMIN } - { path: ^/settings, roles: ROLE_USER }