| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- security:
- # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
- password_hashers:
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
- # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
- providers:
- # used to reload user from session & other features (e.g. switch_user)
- app_user_provider:
- entity:
- class: App\Entity\User
- property: email
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- main:
- lazy: true
- provider: app_user_provider
- login_link:
- check_route: login_check
- signature_properties: ['id', email]
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#the-firewall
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- # - { path: ^/admin, roles: ROLE_ADMIN }
- # - { path: ^/profile, roles: ROLE_USER }
- - { path: ^/login, roles: PUBLIC_ACCESS }
- - { path: ^/, roles: ROLE_USER }
- when@test:
- security:
- password_hashers:
- # By default, password hashers are resource intensive and take time. This is
- # important to generate secure password hashes. In tests however, secure hashes
- # are not important, waste resources and increase test times. The following
- # reduces the work factor to the lowest possible values.
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
- algorithm: auto
- cost: 4 # Lowest possible value for bcrypt
- time_cost: 3 # Lowest possible value for argon
- memory_cost: 10 # Lowest possible value for argon
|
