security.yaml
# Symfony SecurityBundle configuration: password hashing, user providers,
# firewalls, role hierarchy and the access decision strategy.
security:
    # Password encoders, one entry per user class.
    # http://symfony.com/doc/current/cookbook/security/named_encoders.html
    encoders:
        'Symfony\Component\Security\Core\User\User':
            algorithm: argon2i
        'App\Entity\User':
            algorithm: argon2i

    # Where users are loaded from.
    # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        # Tries the listed providers in order: entity users first, then API keys.
        chain_provider:
            chain:
                providers:
                    - user_provider
                    - api_key_user_provider
        api_key_user_provider:
            id: 'App\Security\ApiKeyUserProvider'
        user_provider:
            entity:
                class: 'App\Entity\User'

    # Firewalls are matched top to bottom and the first matching pattern wins,
    # so the catch-all `api` entry must stay last.
    # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
    firewalls:
        # Security is switched off entirely for the profiler, the web debug
        # toolbar and static asset paths.
        # NOTE(review): confirm the profiler/toolbar routes are not exposed
        # outside the dev environment.
        dev:
            pattern: '^/(_(profiler|wdt)|css|images|js)/'
            security: false

        # Credential login endpoint: JSON body checked against user_provider;
        # the LexikJWTAuthenticationBundle handlers build the response.
        login:
            pattern: '^/auth/getToken$'
            stateless: true
            anonymous: true
            json_login:
                provider: user_provider
                check_path: /auth/getToken
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        # Exact root path only; no authenticator is configured here.
        root:
            pattern: '^/$'
            stateless: true
            anonymous: true

        # Everything else: API-key pre-authentication (chain_provider) plus
        # JWT via guard (user_provider).
        # `anonymous: true` lets unauthenticated requests pass this firewall and
        # this file has no access_control section, so per-route authorization is
        # presumably enforced elsewhere (e.g. in controllers) - confirm.
        api:
            pattern: '^/'
            stateless: true
            anonymous: true
            simple_preauth:
                provider: chain_provider
                authenticator: 'App\Security\ApiKeyAuthenticator'
            guard:
                provider: user_provider
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    # Each role also grants the roles listed for it, transitively:
    # ROLE_ROOT > ROLE_ADMIN > ROLE_USER > ROLE_LOGGED, and ROLE_API > ROLE_LOGGED.
    role_hierarchy:
        ROLE_API: [ROLE_LOGGED]
        ROLE_USER: [ROLE_LOGGED]
        ROLE_ADMIN: [ROLE_USER]
        ROLE_ROOT: [ROLE_ADMIN]

    # unanimous: access is granted only when no voter denies it.
    access_decision_manager:
        strategy: unanimous