security: # https://symfony.com/doc/current/security.html#where-do-users-co

1. security:
2. # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
3. encoders:
4. App\Entity\User:
5. algorithm: bcrypt
6.  
7. providers:
8. entity_provider:
9. entity:
10. class: App\Entity\User
11. property: username
12. firewalls:
13. dev:
14. pattern: ^/(_(profiler|wdt)|css|images|js)/
15. security: false
16.  
17. login:
18. pattern: ^/login
19. stateless: true
20. anonymous: true
21. json_login:
22. check_path: /login_check
23. success_handler: lexik_jwt_authentication.handler.authentication_success
24. failure_handler: lexik_jwt_authentication.handler.authentication_failure
25.  
26. register:
27. pattern: ^/register
28. stateless: true
29. anonymous: true
30.  
31. api:
32. pattern: ^/api/.*\S.*
33. #pattern: ^/api
34. stateless: true
35. anonymous: false
36. provider: entity_provider
37. guard:
38. authenticators:
39. - lexik_jwt_authentication.jwt_token_authenticator
40.  
41. main:
42. anonymous: true
43.  
44. # activate different ways to authenticate
45.  
46. # http_basic: true
47. # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
48.  
49. # form_login: true
50. # https://symfony.com/doc/current/security/form_login_setup.html
51.  
52. # Easy way to control access for large sections of your site
53. # Note: Only the *first* access control that matches will be used
54. access_control:
55. # - { path: ^/admin, roles: ROLE_ADMIN }
56. # - { path: ^/profile, roles: ROLE_USER }
57. # - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }