# To get started with security, check out the documentation: # https://symfony.com/doc/current/security.html security: encoders: AppBundle\Entity\User: sha512 role_hierarchy: ROLE_ADMIN: [ROLE_USER, ROLE_MODERATEUR] ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded providers: main: entity: class: AppBundle\Entity\User property: username firewalls: # disables authentication for assets and the profiler, adapt it according to your needs dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main_login: pattern: ^/(login$|register) anonymous: true logout_on_user_change: true main: anonymous: false pattern: ^/ logout_on_user_change: true provider: main form_login: login_path: login check_path: login_check logout: path: logout target: login remember_me: secret: "%secret%" switch_user: true # activate different ways to authenticate # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate #http_basic: ~ # https://symfony.com/doc/current/security/form_login_setup.html #form_login: ~ access_control: - { path: ^/admin, roles: ROLE_ADMIN }