Untitled

a guest
Mar 15th, 2017
// Three ways to read the currently authenticated user in Symfony.

// Shortcut available on Symfony's base Controller class.
$this->getUser()
// Through the token storage service. getToken() returns null when no token
// is set for the request, so check it before chaining getUser().
$this->container->get('security.token_storage')->getToken()->getUser()
// Through the legacy security.context service (deprecated in Symfony 2.6,
// removed in 3.0); the same null-token caveat applies.
$this->container->get('security.context')->getToken()->getUser()

  5. imports:
  6. - { resource: parameters.yml }
  7. - { resource: security.yml }
  8. - { resource: services.yml }
  9. - { resource: "@AdsElasticSearchBundle/Resources/config/services.yml" }
  10. - { resource: "@AdsElasticSearchBundle/Resources/config/fos_elastica.yml" }
  11. - { resource: "@AdsBotcoinBundle/Resources/config/services.yml" }
  12.  
# Put parameters here that don't need to change on each machine where the app is deployed
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
    # Referenced below as %locale% for the translator fallback.
    locale: en

  18. framework:
  19. #esi: ~
  20. translator: { fallbacks: ["%locale%"] }
  21. secret: "%secret%"
  22. router:
  23. resource: "%kernel.root_dir%/config/routing.yml"
  24. strict_requirements: ~
  25. form: ~
  26. csrf_protection: ~
  27. validation: { enable_annotations: true }
  28. #serializer: { enable_annotations: true }
  29. serializer:
  30. enabled: false
  31. templating:
  32. engines: ['twig']
  33. default_locale: fr
  34. trusted_hosts: ~
  35. trusted_proxies: ~
  36. session:
  37. # handler_id set to null will use default session handler from php.ini
  38. handler_id: ~
  39. fragments: ~
  40. http_method_override: true
  41.  
  42. # Twig Configuration
  43. twig:
  44. debug: "%kernel.debug%"
  45. strict_variables: "%kernel.debug%"
  46. number_format:
  47. decimals: 0
  48. decimal_point: ','
  49. thousands_separator: ' '
  50.  
  51. # Doctrine Configuration
  52. doctrine:
  53. dbal:
  54. driver: pdo_mysql
  55. host: "%database_host%"
  56. port: "%database_port%"
  57. dbname: "%database_name%"
  58. user: "%database_user%"
  59. password: "%database_password%"
  60. charset: UTF8
  61. types:
  62. json: SonataDoctrineTypesJsonType
  63. # if using pdo_sqlite as your database driver:
  64. # 1. add the path in parameters.yml
  65. # e.g. database_path: "%kernel.root_dir%/data/data.db3"
  66. # 2. Uncomment database_path in parameters.yml.dist
  67. # 3. Uncomment next line:
  68. #path: "%database_path%"
  69.  
  70. orm:
  71. auto_generate_proxy_classes: "%kernel.debug%"
  72. naming_strategy: doctrine.orm.naming_strategy.underscore
  73. auto_mapping: true
  74.  
  75. # Swiftmailer Configuration
  76. swiftmailer:
  77. transport: "%mailer_transport%"
  78. host: "%mailer_host%"
  79. username: "%mailer_user%"
  80. password: "%mailer_password%"
  81. spool: { type: memory }
  82.  
  83. sonata_block:
  84. default_contexts: [cms]
  85. blocks:
  86. sonata.admin.block.admin_list:
  87. contexts: [admin]
  88.  
  89. #sonata.admin_doctrine_orm.block.audit:
  90. # contexts: [admin]
  91.  
  92. sonata.block.service.text:
  93. sonata.block.service.rss:
  94.  
  95. # Some specific block from the SonataMediaBundle
  96. #sonata.media.block.media:
  97. #sonata.media.block.gallery:
  98. #sonata.media.block.feature_media:
  99.  
  100. # Some block with different templates
  101. #acme.demo.block.demo:
  102. # templates:
  103. # - { name: 'Simple', template: 'AcmeDemoBundle:Block:demo_simple.html.twig' }
  104. # - { name: 'Big', template: 'AcmeDemoBundle:Block:demo_big.html.twig' }
  105.  
# SonataUserBundle settings.
sonata_user:
    # Turns on the bundle's ACL integration; the ACL connection itself is set
    # under security.acl elsewhere in this listing.
    security_acl: true
    manager_type: orm # can be orm or mongodb

# NOTE(review): second `sonata_block:` stanza in this listing. Duplicate
# top-level keys are not merged; move these entries into the first stanza.
sonata_block:
    blocks:
        #...
        sonata.user.block.menu: # used to display the menu in profile pages
        sonata.user.block.account: # used to display menu option (login option)
        sonata.block.service.text: # needed if you plan to use Sonata user routes

  117. # app/config/security.yml
  118. security:
  119. # [...]
  120.  
  121. encoders:
  122. FOSUserBundleModelUserInterface: sha512
  123.  
  124. acl:
  125. connection: default
  126.  
  127. fos_user:
  128. db_driver: orm # can be orm or odm
  129. firewall_name: main
  130. user_class: ApplicationSonataUserBundleEntityUser
  131.  
  132.  
  133. group:
  134. group_class: ApplicationSonataUserBundleEntityGroup
  135. group_manager: sonata.user.orm.group_manager # If you're using doctrine orm (use sonata.user.mongodb.group_manager for mongodb)
  136.  
  137. service:
  138. user_manager: sonata.user.orm.user_manager # If you're using doctrine orm (use sonata.user.mongodb.user_manager for mongodb)
  139.  
  140. doctrine:
  141.  
  142. dbal:
  143. types:
  144. json: SonataDoctrineTypesJsonType
  145.  
# NOTE(review): another repeated `doctrine:` stanza. Duplicate top-level keys
# are not merged; move these mappings under the first `doctrine.orm` section.
doctrine:
    orm:
        entity_managers:
            default:
                # Bundles whose entities are mapped by the default manager.
                mappings:
                    ApplicationSonataUserBundle: ~
                    SonataUserBundle: ~
                    FOSUserBundle: ~ # If SonataUserBundle extends it

  155. #fos_rest:
  156. # routing_loader:
  157. # include_format: false
  158. # view:
  159. # view_response_listener: true
  160.  
  161. fos_rest:
  162. param_fetcher_listener: true
  163. body_listener: true
  164. format_listener: true
  165. view:
  166. view_response_listener: 'force'
  167. formats:
  168. xml: true
  169. json : true
  170. mime_types:
  171. json: ['application/json', 'application/x-json']
  172. jpg: ['image/jpeg']
  173. png: ['image/png']
  174. templating_formats:
  175. html: true
  176. force_redirects:
  177. html: true
  178. failed_validation: HTTP_BAD_REQUEST
  179. default_engine: twig
  180. routing_loader:
  181. default_format: json
  182. serializer:
  183. serialize_null: true
  184.  
  185. jms_serializer:
  186. handlers:
  187. datetime:
  188. default_format: "Y-m-d\TH:i:sP"
  189. default_timezone: "UTC"
  190.  
# JWT issuing and verification (LexikJWTAuthenticationBundle).
lexik_jwt_authentication:
    # Key locations, passphrase and token lifetime are injected from
    # parameters. The private key and its passphrase sign every token, so keep
    # both out of version control and readable only by the application user.
    private_key_path: '%jwt_private_key_path%'
    public_key_path: '%jwt_public_key_path%'
    pass_phrase: '%jwt_key_pass_phrase%'
    token_ttl: '%jwt_token_ttl%'
    # key under which the user identity will be stored in the token payload
    user_identity_field: username
    # token encoding/decoding settings
    encoder:
        # token encoder/decoder service - default implementation based on the namshi/jose library
        service: lexik_jwt_authentication.encoder.default
        # crypto engine used by the encoder service
        crypto_engine: openssl
        # signature algorithm used by the encoder service (RS256: RSA with SHA-256)
        signature_algorithm: RS256

    # token extraction settings
    token_extractors:
        authorization_header: # look for a token as Authorization Header
            enabled: true
            prefix: Bearer
            name: Authorization
        # NOTE(review): a token accepted from a cookie is attached by the
        # browser automatically, so state-changing API routes then need CSRF
        # protection. Disable this extractor if no client relies on it.
        cookie: # check token in a cookie
            enabled: true
            name: BEARER
        # NOTE(review): tokens passed in the query string end up in access
        # logs, browser history and Referer headers. Disable this extractor
        # unless a client cannot send the Authorization header.
        query_parameter: # check token in query string parameter
            enabled: true
            name: bearer

  220. nelmio_cors:
  221. defaults:
  222. allow_credentials: false
  223. allow_origin: []
  224. allow_headers: []
  225. allow_methods: []
  226. expose_headers: []
  227. max_age: 0
  228. hosts: []
  229. origin_regex: false
  230. forced_allow_origin_value: ~
  231. paths:
  232. '^/api/':
  233. allow_origin: ['*']
  234. allow_headers: ['*']
  235. allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
  236. max_age: 3600
  237. '^/':
  238. origin_regex: true
  239. allow_origin: ['^http://localhost:[0-9]+']
  240. allow_headers: ['X-Custom-Auth']
  241. allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
  242. max_age: 3600
  243. hosts: ['^api.']
  244.  
  245. # To get started with security, check out the documentation:
  246. # http://symfony.com/doc/current/security.html
  247. security:
  248.  
  249. role_hierarchy:
  250. ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN]
  251. ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
  252. SONATA:
  253. - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
  254.  
  255. providers:
  256. #jwt:
  257. # lexik_jwt:
  258. # class: ApplicationSonataUserBundleEntityUser
  259. #chain_provider:
  260. # chain:
  261. # providers: [in_memory, fos_userbundle]
  262. fos_userbundle:
  263. #id: fos_user.user_manager
  264. id: fos_user.user_provider.username
  265. #in_memory:
  266. # memory:
  267. # users:
  268. # user: { password: password, roles: [ 'ROLE_USER' ] }
  269. # admin: { password: password, roles: [ 'ROLE_ADMIN' ] }
  270.  
  271. encoders:
  272. FOSUserBundleModelUserInterface: bcrypt
  273.  
  274. firewalls:
  275. # Disabling the security for the web debug toolbar, the profiler and Assetic.
  276. dev:
  277. pattern: ^/(_(profiler|wdt)|css|images|js)/
  278. security: false
  279.  
  280. # -> custom firewall for the admin area of the URL
  281. admin:
  282. pattern: /admin(.*)
  283. context: user
  284. form_login:
  285. provider: fos_userbundle
  286. login_path: /admin/login
  287. use_forward: false
  288. check_path: /admin/login_check
  289. failure_path: null
  290. always_use_default_target_path: true
  291. default_target_path: /admin/dashboard
  292. logout:
  293. path: /admin/logout
  294. target: /admin/login
  295. anonymous: true
  296.  
  297. api_login:
  298. pattern: ^/api/login
  299. stateless: true
  300. anonymous: false
  301. #provider: fos_userbundle
  302. form_login:
  303. provider: fos_userbundle
  304. check_path: /api/login_check
  305. success_handler: lexik_jwt_authentication.handler.authentication_success
  306. failure_handler: lexik_jwt_authentication.handler.authentication_failure
  307. require_previous_session: false
  308. username_parameter: username
  309. password_parameter: password
  310. logout: true
  311.  
  312. api:
  313. pattern: ^/api
  314. #provider: fos_userbundle
  315. stateless: true
  316. lexik_jwt: ~
  317. guard:
  318. authenticators:
  319. - lexik_jwt_authentication.jwt_token_authenticator
  320. #- ads_elastic_search.jwt_token_authenticator
  321. #lexik_jwt:
  322. # authorization_header:
  323. # enabled: true
  324. # prefix: Bearer
  325. # query_parameter:
  326. # enabled: true
  327. # name: bearer
  328. #lexik_jwt:
  329. # authorization_header:
  330. # enabled: true
  331. # prefix: Bearer
  332. # query_parameter:
  333. # enabled: false
  334. # name: bearer
  335. # throw_exceptions: true
  336. # create_entry_point: false
  337. # authentication_provider: lexik_jwt_authentication.security.authentication.provider
  338.  
  339. #guard:
  340. # authenticators:
  341. # - lexik_jwt_authentication.jwt_token_authenticator
  342.  
  343. # -> end custom configuration
  344.  
  345. # default login area for standard users
  346.  
  347. # This firewall is used to handle the public login area
  348. # This part is handled by the FOS User Bundle
  349. main:
  350. pattern: .*
  351. context: user
  352. form_login:
  353. provider: fos_userbundle
  354. login_path: /login
  355. use_forward: false
  356. check_path: /login_check
  357. failure_path: null
  358. logout: true
  359. anonymous: true
  360.  
  361. access_control:
  362. # URL of FOSUserBundle which need to be available to anonymous users
  363. - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
  364. - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
  365. - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
  366.  
  367. # Admin login page needs to be accessed without credential
  368. - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
  369. - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
  370. - { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
  371. - { path: ^/admin/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
  372.  
  373. # Secured part of the site
  374. # This config requires being logged for the whole site and having the admin role for the admin part.
  375. # Change these rules to adapt them to your needs
  376. - { path: ^/admin/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
  377. - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
  378.  
  379. # Api
  380. - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
  381. - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
  382. - { path: ^/api/token/refresh, roles: IS_AUTHENTICATED_ANONYMOUSLY }