| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- security:
- # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
- password_hashers:
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
- # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
- providers:
- # used to reload user from session & other features (e.g. switch_user)
- app_user_provider:
- entity:
- class: App\Entity\User
- property: username
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- main:
- lazy: true
- provider: app_user_provider
- form_login:
- login_path: app_login
- check_path: app_login
- enable_csrf: true
- logout:
- path: app_logout
- # where to redirect after logout
- # target: app_any_route
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#the-firewall
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- # - { path: ^/admin, roles: ROLE_ADMIN }
- # - { path: ^/profile, roles: ROLE_USER }
- role_hierarchy:
- ROLE_ADMIN: ROLE_MODERATOR, ROLE_CONTACT
- ROLE_CONTACT: ROLE_AUTHOR
- when@test:
- security:
- password_hashers:
- # By default, password hashers are resource intensive and take time. This is
- # important to generate secure password hashes. In tests however, secure hashes
- # are not important, waste resources and increase test times. The following
- # reduces the work factor to the lowest possible values.
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
- algorithm: auto
- cost: 4 # Lowest possible value for bcrypt
- time_cost: 3 # Lowest possible value for argon
- memory_cost: 10 # Lowest possible value for argon
|
