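security:
    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        # Not referenced by any firewall shown in this configuration.
        in_memory:
            memory: ~
        # Service-backed provider used by both form_login entries below.
        user_provider:
            id: platform.user.provider

    firewalls:
        # Firewalls are evaluated top to bottom; the first pattern that matches handles the request.

        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern: ^/login$
            anonymous: ~

        # No security listeners run on the token endpoint; client authentication is
        # presumably performed by the OAuth server's token controller - confirm.
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false

        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider: user_provider
                check_path: /oauth/v2/auth_login_check
                login_path: /oauth/v2/auth_login
            anonymous: true

        api:
            pattern: ^/api/.*
            fos_oauth: true
            stateless: true

        # NOTE(review): this firewall has no pattern, so it matches every request not
        # claimed above. secured_area (pattern ^/) is listed after it and can therefore
        # never be selected, leaving its form_login and logout inactive. Decide which of
        # the two catch-all firewalls is intended and remove or reorder the other.
        main:
            anonymous: ~
            # activate different ways to authenticate

            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
            #http_basic: ~

            # https://symfony.com/doc/current/security/form_login_setup.html
            #form_login: ~

        secured_area:
            pattern: ^/
            form_login:
                provider: user_provider
                # login_path is where an unauthenticated user is sent to see the form;
                # check_path is the target the form is submitted to and that the firewall
                # intercepts. Both are assumed to be route names defined elsewhere - confirm.
                login_path: login
                check_path: login_check
            logout:
                path: /logout
                target: /login

    encoders:
        # Class name as it appears on the page; the namespace separators look lost - confirm the FQCN.
        SsoBundleEntityUser:
            # A single round of SHA-1 is fast to brute-force offline if the user table leaks.
            # bcrypt is an adaptive, salted password hash. Hashes already stored as SHA-1 will
            # not verify under bcrypt: plan a rehash-on-login migration or a password reset.
            algorithm: bcrypt
            cost: 12

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    # Rules are checked in order and only the first matching path applies.
    access_control:
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
        - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }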
- <?php
- namespace AppBundleController;
- use SymfonyBundleFrameworkBundleControllerController;
- use SymfonyComponentHttpFoundationRequest;
- use SymfonyComponentSecurityCoreSecurity;
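/**
 * Renders the login form used by the form_login firewalls.
 *
 * The credential check itself is not performed here: the check route is
 * expected to be intercepted by the security firewall.
 */
class SecurityController extends Controller
{
    // Request-attribute / session keys; the values match the constants of the
    // same names on Symfony\Component\Security\Core\Security.
    const ACCESS_DENIED_ERROR = '_security.403_error';
    const AUTHENTICATION_ERROR = '_security.last_error';
    const LAST_USERNAME = '_security.last_username';
    const MAX_USERNAME_LENGTH = 4096;

    /**
     * Shows the login form together with the last authentication error, if any.
     *
     * The error is looked up first in the request attributes and then in the
     * session; a session-stored error is removed once read so it is shown once.
     *
     * @param Request $request Current request; its session may be null.
     *
     * @return mixed Whatever render() returns for AppBundle:Security:login.html.twig.
     */
    public function loginAction(Request $request)
    {
        $session = $request->getSession();

        if ($request->attributes->has(self::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(self::AUTHENTICATION_ERROR);
        } elseif (null !== $session && $session->has(self::AUTHENTICATION_ERROR)) {
            $error = $session->get(self::AUTHENTICATION_ERROR);
            $session->remove(self::AUTHENTICATION_ERROR);
        } else {
            $error = '';
        }

        if ($error) {
            // The raw exception message can carry internal detail (provider or
            // storage errors), so only the exception's safe message key is passed
            // to the template. Anything that is not an authentication exception
            // is replaced by a generic message instead of being echoed.
            $error = $error instanceof \Symfony\Component\Security\Core\Exception\AuthenticationException
                ? $error->getMessageKey()
                : 'An authentication exception occurred.';
        }

        // A request without a session must not be dereferenced below.
        $lastUsername = (null === $session) ? '' : $session->get(self::LAST_USERNAME);

        // Optional OAuth-server hook, left disabled as on the original page.
        // NOTE(review): if enabled, guard it with null !== $session first.
        // if ($session->has('_security.target_path')) {
        //     if (false !== strpos($session->get('_security.target_path'), $this->generateUrl('fos_oauth_server_authorize'))) {
        //         $session->set('_fos_oauth_server.ensure_logout', true);
        //     }
        // }

        return $this->render(
            'AppBundle:Security:login.html.twig',
            array(
                // Use the null-safe value computed above rather than reading the
                // session again, which fails when the request has no session.
                'last_username' => $lastUsername,
                'error' => $error,
            )
        );
    }

    /**
     * Placeholder target for the form_login check_path.
     *
     * Intentionally empty: the firewall is expected to intercept this route
     * before the controller runs. If it is ever reached, the firewall's
     * check_path does not match the route - verify the security configuration.
     *
     * @param Request $request Current request (unused).
     */
    public function loginCheckAction(Request $request)
    {
    }
}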
# Controllers under AppBundle/Controller are registered through annotation routing.
app:
    resource: '@AppBundle/Controller/'
    type: annotation

# Token and authorize endpoints are imported from FOSOAuthServerBundle's routing files.
fos_oauth_server_token:
    resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml"

fos_oauth_server_authorize:
    resource: "@FOSOAuthServerBundle/Resources/config/routing/authorize.xml"

# Login form shown during the OAuth authorize flow.
acme_oauth_server_auth_login:
    path: /oauth/v2/auth_login
    defaults:
        _controller: AppBundle:Security:login

# Submit target of that form; presumably intercepted by the firewall's check_path - confirm.
acme_oauth_server_auth_login_check:
    path: /oauth/v2/auth_login_check
    defaults:
        _controller: AppBundle:Security:loginCheck

# Sits under /api, so the ^/api firewall and access_control rules apply to it.
user:
    path: /api/user
    defaults:
        _controller: AppBundle:Api:user

# Security
logout:
    path: /logout