magnetico-web/config/packages/security.yaml

security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        default_provider:
            entity:
                class: App\Entity\User
                property: username
                manager_name: default
    encoders:
        App\Entity\User:
            # https://symfony.com/blog/new-in-symfony-4-3-native-password-encoder
            algorithm: 'auto'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        api:
            pattern: ^/api/
            anonymous: ~
            stateless: true
            guard:
                authenticators:
                    - App\Security\ApiTokenAuthenticator
        main:
            pattern: ^/
            anonymous: ~
            provider: default_provider
            form_login:
                login_path: user_auth_login
                check_path: user_auth_login
            logout:
                path: user_auth_logout
                target: /
            remember_me:
                secret: '%kernel.secret%'
                lifetime: 1209600
                path: /
                always_remember_me: true


    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/api/v1/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/, roles: ROLE_USER }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/auth/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/magnet/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
composer require security-bundle 2018-06-23 15:00:37 +00:00			`security:`
			`# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers`
			`providers:`
API token auth using Guard implementation added. 2018-06-25 21:56:32 +00:00			`default_provider:`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`entity:`
			`class: App\Entity\User`
			`property: username`
			`manager_name: default`
User registration implemented: registration form, user:add command. User creation time and roles are now stored in the DB. Simple invite system implemented. 2018-06-24 22:42:26 +00:00			`encoders:`
			`App\Entity\User:`
Changed password encoding algorithm to 'auto'. 2020-01-17 22:48:29 +00:00			`# https://symfony.com/blog/new-in-symfony-4-3-native-password-encoder`
			`algorithm: 'auto'`
composer require security-bundle 2018-06-23 15:00:37 +00:00			`firewalls:`
			`dev:`
			`pattern: ^/(_(profiler\|wdt)\|css\|images\|js)/`
			`security: false`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`api:`
			`pattern: ^/api/`
anonymous set to '~' in 'api' firewall. 2018-06-26 17:34:35 +00:00			`anonymous: ~`
Api firewall is now defined as stateless. 2018-06-25 16:59:51 +00:00			`stateless: true`
Deprecated Controller extending removed. Moved to Guard component from deprecated SimplePreAuthenticatorInterface. Small crutch added to the new ApiTokenAuthenticator to handle 'api-token' header retrieval. 2019-01-18 17:27:38 +00:00			`guard:`
			`authenticators:`
			`- App\Security\ApiTokenAuthenticator`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`main:`
			`pattern: ^/`
			`anonymous: ~`
API token auth using Guard implementation added. 2018-06-25 21:56:32 +00:00			`provider: default_provider`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`form_login:`
Password reset implemented, some refactoring, Sentry SDK and bundle upgraded, some routes changed. PHP requirements is up to 7.3.0. 2020-01-20 17:01:51 +00:00			`login_path: user_auth_login`
			`check_path: user_auth_login`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`logout:`
Password reset implemented, some refactoring, Sentry SDK and bundle upgraded, some routes changed. PHP requirements is up to 7.3.0. 2020-01-20 17:01:51 +00:00			`path: user_auth_logout`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`target: /`
			`remember_me:`
			`secret: '%kernel.secret%'`
Remember Me is now twice as long 2018-10-26 00:11:32 +00:00			`lifetime: 1209600`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`path: /`
			`always_remember_me: true`
composer require security-bundle 2018-06-23 15:00:37 +00:00

			`# Easy way to control access for large sections of your site`
			`# Note: Only the first access control that matches will be used`
			`access_control:`
small config changes. 2018-06-26 17:48:52 +00:00			`- { path: ^/api/v1/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }`
API token auth using Guard implementation added. 2018-06-25 21:56:32 +00:00			`- { path: ^/api/, roles: ROLE_USER }`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`- { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }`
Password reset implemented, some refactoring, Sentry SDK and bundle upgraded, some routes changed. PHP requirements is up to 7.3.0. 2020-01-20 17:01:51 +00:00			`- { path: ^/auth/, roles: IS_AUTHENTICATED_ANONYMOUSLY }`
Fixing route prefixes. 2019-01-29 18:16:17 +00:00			`- { path: ^/register/, roles: IS_AUTHENTICATED_ANONYMOUSLY }`
			`- { path: ^/magnet/, roles: IS_AUTHENTICATED_ANONYMOUSLY }`
Basic login functionality added. 2018-06-25 01:02:27 +00:00			`- { path: ^/, roles: ROLE_USER }`