security: encoders: App\Entity\User: algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\User property: email firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: true lazy: true provider: app_user_provider guard: authenticators: - Lc\SovBundle\Authenticator\LoginFormAuthenticator logout: path: logout # where to redirect after logout # target: app_any_route # activate different ways to authenticate # https://symfony.com/doc/current/security.html#firewalls-authentication # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: - { path: ^/manager, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] } - { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] } - { path: ^/profile, roles: ROLE_USER }