security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        default_provider:
            entity:
                class: App\Entity\User
                property: username
                manager_name: default
    encoders:
        App\Entity\User:
            # https://symfony.com/blog/new-in-symfony-4-3-native-password-encoder
            algorithm: 'auto'
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        api:
            pattern: ^/api/
            anonymous: ~
            stateless: true
            guard:
                authenticators:
                    - App\Security\ApiTokenAuthenticator
        main:
            pattern: ^/
            anonymous: ~
            provider: default_provider
            form_login:
                login_path: user_auth_login
                check_path: user_auth_login
            logout:
                path: user_auth_logout
                target: /
            remember_me:
                secret: '%kernel.secret%'
                lifetime: 1209600
                path: /
                always_remember_me: true


    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/api/v1/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/, roles: ROLE_USER }
        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/auth/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/magnet/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }