API tools faq
paste
Advertisement
pog

security.yml

pog
Sep 11th, 2015
70
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 2.49 KB | None | 0 0
raw download clone embed print report
  1. security:
  2.     encoders:
  3.        # Our use class and the algorithm we'll use to encode passwords
  4.         # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
  5.         AppBundle\Entity\Identity:
  6.             algorithm: bcrypt
  7.             cost:     15
  8. #        AppBundle\Entity\Identity:
  9. #            algorithm:            pbkdf2
  10. #            hash_algorithm:       sha512
  11. #            encode_as_base64:     true
  12. #            iterations:           10
  13. #            key_length:           40
  14.  
  15.     providers:
  16.        # in this example, users are stored via Doctrine in the database
  17.         # To see the users at src/AppBundle/DataFixtures/ORM/LoadFixtures.php
  18.         # To load users from somewhere else: http://symfony.com/doc/current/cookbook/security/custom_provider.html
  19.         database_users:
  20.             entity: { class: AppBundle:Identity, property: email }
  21.  
  22.     # http://symfony.com/doc/current/book/security.html#firewalls-authentication
  23.     firewalls:
  24.         bundle_data:
  25.             pattern: ^/bundles
  26.             security: false
  27.  
  28.         dev:
  29.             pattern: ^/(_(profiler|wdt)|css|images|js)/
  30.             security: false
  31.  
  32.         secured_area:
  33.            # this firewall applies to all URLs
  34.             pattern: ^/
  35.  
  36.             # but the firewall does not require login on every page
  37.             # denying access is done in access_control or in your controllers
  38.             anonymous: ~
  39.  
  40.             # This allows the user to login by submitting a username and password
  41.             # Reference: http://symfony.com/doc/current/cookbook/security/form_login.html
  42.             form_login:
  43.                # The route name that the login form submits to
  44.                 check_path: account_authenticate
  45.                 # The name of the route where the login form lives
  46.                 # When the user tries to access a protected page, they are redirected here
  47.                 login_path: account_login
  48.  
  49.             logout:
  50.                # The route name the user can go to in order to logout
  51.                 path: account_logout
  52.                 # The name of the route to redirect to after logging out
  53.                 target: homepage
  54.  
  55.     access_control:
  56.         - { path: ^/[a-z]+/account/(renew-credentials|login|register|thank-you), role: IS_AUTHENTICATED_ANONYMOUSLY }
  57.         - { path: ^/bundles, role: IS_AUTHENTICATED_ANONYMOULSY }
  58.         - { path: ^/[a-z]+/admin, role: ROLE_ADMIN }
  59.         - { path: ^/, roles: IS_AUTHENTICATED_REMEMBERED }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!