security: # https://symfony.com/doc/current/security.html#where-do-users-co

1. security:
2. # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
3. encoders:
4. Symfony\Component\Security\Core\User\User: plaintext
5.  
6. providers:
7. in_memory:
8. memory:
9. users:
10. ryan:
11. password: ryanpass
12. roles: 'ROLE_USER'
13. admin:
14. password: kitten
15. roles: 'ROLE_ADMIN'
16.  
17. firewalls:
18. login:
19. pattern: ^/api/login
20. stateless: true
21. anonymous: true
22. json_login:
23. check_path: /api/login_check
24. success_handler: lexik_jwt_authentication.handler.authentication_success
25. failure_handler: lexik_jwt_authentication.handler.authentication_failure
26.  
27. api:
28. pattern: ^/api
29. stateless: true
30. guard:
31. authenticators:
32. - lexik_jwt_authentication.jwt_token_authenticator
33.  
34. dev:
35. pattern: ^/(_(profiler|wdt)|css|images|js)/
36. security: false
37.  
38. main:
39. anonymous: true
40.  
41. # activate different ways to authenticate
42.  
43. # http_basic: true
44. # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
45.  
46. # form_login: true
47. # https://symfony.com/doc/current/security/form_login_setup.html
48.  
49. # Easy way to control access for large sections of your site
50. # Note: Only the *first* access control that matches will be used
51. access_control:
52. - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
53. - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }