security.yaml 1.7 KB

123456789101112131415161718192021222324252627282930313233343536373839
  1. security:
  2. # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
  3. password_hashers:
  4. Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
  5. # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
  6. providers:
  7. users_in_memory: { memory: null }
  8. firewalls:
  9. dev:
  10. pattern: ^/(_(profiler|wdt)|css|images|js)/
  11. security: false
  12. main:
  13. lazy: true
  14. provider: users_in_memory
  15. # activate different ways to authenticate
  16. # https://symfony.com/doc/current/security.html#the-firewall
  17. # https://symfony.com/doc/current/security/impersonating_user.html
  18. # switch_user: true
  19. # Easy way to control access for large sections of your site
  20. # Note: Only the *first* access control that matches will be used
  21. access_control:
  22. # - { path: ^/admin, roles: ROLE_ADMIN }
  23. # - { path: ^/profile, roles: ROLE_USER }
  24. when@test:
  25. security:
  26. password_hashers:
  27. # By default, password hashers are resource intensive and take time. This is
  28. # important to generate secure password hashes. In tests however, secure hashes
  29. # are not important, waste resources and increase test times. The following
  30. # reduces the work factor to the lowest possible values.
  31. Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
  32. algorithm: auto
  33. cost: 4 # Lowest possible value for bcrypt
  34. time_cost: 3 # Lowest possible value for argon
  35. memory_cost: 10 # Lowest possible value for argon