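security:
    # Password hashing for App\Entity\User. `auto` delegates the choice of
    # algorithm to Symfony instead of pinning one in this file.
    encoders:
        App\Entity\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                # Users are looked up by e-mail address.
                property: email

    # Each role on the left also grants the role on the right, so
    # ROLE_ADMIN implies ROLE_WRITER, which implies ROLE_USER.
    role_hierarchy:
        ROLE_WRITER: ROLE_USER
        ROLE_ADMIN: ROLE_WRITER

    firewalls:
        # No authentication at all on the profiler, web debug toolbar and
        # static asset paths. The profiler and toolbar routes should only be
        # registered in the dev environment.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~
            two_factor:
                auth_form_path: 2fa_login # The route name you have used in the routes.yaml
                check_path: 2fa_login_check # The route name you have used in the routes.yaml
            # NOTE(review): a guard authenticator and form_login are both
            # configured on this firewall and both point at auth_login.
            # Confirm which one handles the login submission and that the
            # CSRF token is checked on that path.
            guard:
                authenticators:
                    - App\Core\Authenticator\LoginFormAuthenticator
            form_login:
                login_path: auth_login
                check_path: auth_login
                csrf_token_generator: security.csrf.token_manager
            logout:
                path: auth_logout
                target: /
            remember_me:
                secret: '%kernel.secret%'
                # 604800 seconds = 7 days.
                lifetime: 604800
                path: /
                # NOTE(review): no `secure` option is set here, so whether the
                # remember-me cookie is limited to HTTPS depends on the default
                # of the installed Symfony version - confirm.

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    # Paths that match none of the rules below are not restricted by
    # access_control at all; there is no catch-all rule.
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # Only users who are in the middle of two-factor authentication may
        # reach the 2FA form and check routes.
        - { path: ^/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
        # Must stay above the broader ^/admin rule, which would otherwise
        # match first and let non-admins through.
        - { path: ^/admin/user, roles: ROLE_ADMIN }
        # NOTE(review): ROLE_USER is the lowest role in the hierarchy, so any
        # account holding it can reach everything under /admin except
        # /admin/user. Confirm this is intended, or require ROLE_WRITER.
        - { path: ^/admin, roles: ROLE_USER }
        # NOTE(review): /_internal is reachable without authentication.
        # Confirm that whatever is routed there verifies its callers itself.
        - { path: ^/_internal, roles: IS_AUTHENTICATED_ANONYMOUSLY }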