| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- security:
- #enable_authenticator_manager: true
- password_hashers:
- App\Entity\User:
- algorithm: auto
-
- # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
- role_hierarchy:
- ROLE_ADMIN: [ROLE_USER, ROLE_MODERATEUR]
- ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
- # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
- providers:
- app_user_provider:
- entity:
- class: App\Entity\User
- property: username
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- main:
- user_checker: App\Security\UserChecker
- #guard:
- # authenticators:
- # - App\Security\LoginFormAuthenticator
- remember_me:
- secret: '%kernel.secret%'
- samesite: 'lax'
- logout:
- path: app_logout
- target: app_login
- custom_authenticator: App\Security\LoginFormAuthenticator
- #lazy: true
- #provider: users_in_memory
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#the-firewall
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- - { path: ^/(login$|register$|motdepasseoublie$|resetpassword/token=|activate/token=|attente$|fichefilm/|$|liste-by/|liste-by_real/|recherche|prochaines-sorties$|p/about$) , roles: PUBLIC_ACCESS }
- - { path: ^/admin, roles: ROLE_ADMIN }
- - { path: ^/genre, roles: ROLE_MODERATEUR }
- - { path: ^/p/edit, roles: ROLE_ADMIN }
- - { path: ^/, roles: IS_AUTHENTICATED_REMEMBERED }
|
