# Symfony SecurityBundle configuration: password hashing, role hierarchy,
# user provider, firewalls and URL-level access rules.
security:
  #enable_authenticator_manager: true

  # "auto" leaves the choice of hashing algorithm to Symfony for this entity.
  password_hashers:
    App\Entity\User:
      algorithm: auto

  # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
  # ROLE_ADMIN implies ROLE_USER and ROLE_MODERATEUR; ROLE_SUPER_ADMIN implies
  # ROLE_ADMIN and ROLE_ALLOWED_TO_SWITCH. ROLE_MODERATEUR has no entry of its
  # own here, so it inherits nothing through this hierarchy.
  # NOTE(review): ROLE_ALLOWED_TO_SWITCH is granted while `switch_user` is still
  # commented out in the main firewall; confirm that is intended before
  # impersonation is enabled.
  role_hierarchy:
    ROLE_ADMIN:
      - ROLE_USER
      - ROLE_MODERATEUR
    ROLE_SUPER_ADMIN:
      - ROLE_ADMIN
      - ROLE_ALLOWED_TO_SWITCH

  # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
  # Users are loaded from the App\Entity\User entity, looked up by `username`.
  providers:
    app_user_provider:
      entity:
        class: App\Entity\User
        property: username

  firewalls:
    # Security is switched off for the profiler, the web debug toolbar and the
    # static asset prefixes matched by this pattern.
    # NOTE(review): confirm the profiler/WDT routes are not registered in
    # production, since nothing under this firewall is authenticated.
    dev:
      pattern: '^/(_(profiler|wdt)|css|images|js)/'
      security: false

    main:
      user_checker: App\Security\UserChecker
      #guard:
      #  authenticators:
      #    - App\Security\LoginFormAuthenticator

      # Remember-me cookie, signed with the application secret.
      # NOTE(review): no `secure` option is set here; confirm the cookie is
      # restricted to HTTPS in production.
      remember_me:
        secret: '%kernel.secret%'
        samesite: lax

      # Form login with CSRF protection; the form is displayed and submitted on
      # the same route.
      form_login:
        login_path: app_login
        check_path: app_login
        enable_csrf: true

      # Logging out sends the user back to the login route.
      logout:
        path: app_logout
        target: app_login
      #custom_authenticator: App\Security\LoginFormAuthenticator
      #lazy: true
      #provider: users_in_memory

      # activate different ways to authenticate
      # https://symfony.com/doc/current/security.html#the-firewall

      # https://symfony.com/doc/current/security/impersonating_user.html
      # switch_user: true

  # Easy way to control access for large sections of your site.
  # Note: only the *first* access control that matches will be used, so the
  # order of the entries below is significant.
  access_control:
    # Public pages. Alternatives ending in `$` match that exact path only (the
    # bare `$` is the home page "/"). The others (resetpassword/token=,
    # activate/token=, fichefilm/, liste-by/, liste-by_real/, recherche) are
    # prefix matches: every URL starting with them is public.
    - path: '^/(login$|register$|motdepasseoublie$|resetpassword/token=|activate/token=|attente$|fichefilm/|$|liste-by/|liste-by_real/|recherche|prochaines-sorties$|p/about$)'
      roles: PUBLIC_ACCESS
    # Role-restricted areas; each pattern is a prefix match.
    # NOTE(review): nothing in this file requires IS_AUTHENTICATED_FULLY, so a
    # session restored from the remember-me cookie satisfies these role checks.
    # Confirm that sensitive admin actions re-check authentication elsewhere.
    - path: '^/admin'
      roles: ROLE_ADMIN
    - path: '^/genre'
      roles: ROLE_MODERATEUR
    - path: '^/p/edit'
      roles: ROLE_ADMIN
    # Everything else needs a logged-in user (full login or remember-me).
    - path: '^/'
      roles: IS_AUTHENTICATED_REMEMBERED