|
- security:
- encoders:
- App\Entity\User:
- algorithm: auto
-
- # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
- providers:
- # used to reload user from session & other features (e.g. switch_user)
- app_user_provider:
- entity:
- class: App\Entity\User
- property: email
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- main:
- anonymous: true
- lazy: true
- provider: app_user_provider
- guard:
- authenticators:
- - App\Security\LoginFormAuthenticator
- logout:
- path: logout
- # where to redirect after logout
- # target: app_any_route
-
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#firewalls-authentication
-
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
-
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- - { path: ^/admin, roles: [ROLE_ADMIN, ROLE_SUPER_ADMIN] }
- - { path: ^/profile, roles: ROLE_USER }
|
