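# To get started with security, check out the documentation:
# http://symfony.com/doc/current/book/security.html
#
# NOTE(review): indentation was lost in the paste; the nesting below is
# rebuilt from the Symfony security configuration schema - confirm against
# the original file.
security:
    # Password hashing per user class (bcrypt, work factor 15).
    # NOTE(review): the class names look like their namespace separators were
    # stripped by the paste (presumably FOS\UserBundle\Model\UserInterface and
    # a namespaced project User entity) - confirm before use.
    encoders:
        ProjectEntityUser:
            algorithm: bcrypt
            cost: 15
        FOSUserBundleModelUserInterface:
            algorithm: bcrypt
            cost: 15

    # Each role implicitly carries the roles listed to its right.
    # ROLE_ALLOWED_TO_SWITCH only has an effect on a firewall that enables
    # switch_user; none of the firewalls below does.
    role_hierarchy:
        ROLE_STAFF: [ROLE_USER]
        ROLE_CLIENT: [ROLE_STAFF, ROLE_USER]
        ROLE_ADMIN: [ROLE_CLIENT, ROLE_USER]
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        # NOTE(review): chain_provider is declared first. In Symfony 2.x a
        # firewall without an explicit `provider` falls back to the first
        # declared provider, so the in-memory accounts below may be in scope
        # for such firewalls - confirm for your version.
        chain_provider:
            chain:
                providers: [in_memory, users, admins]
        # NOTE(review): hard-coded accounts with plaintext, guessable
        # passwords, including a ROLE_ADMIN one. No encoder entry for the
        # in-memory user class is visible above. Keep these out of any
        # non-development configuration.
        in_memory:
            memory:
                users:
                    user: { password: userpass, roles: [ 'ROLE_USER' ] }
                    staff: { password: userpass, roles: [ 'ROLE_STAFF' ] }
                    client: { password: userpass, roles: [ 'ROLE_CLIENT' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
        # Same entity looked up by e-mail (API / OAuth login) ...
        users:
            entity: { class: ProjectEntityUser, property: email }
        # ... and by username (CMS login).
        admins:
            entity: { class: ProjectEntityUser, property: username }

    # Firewalls are tried in order; the first whose pattern matches handles
    # the request.
    firewalls:
        # EXCLUDE FROM OAUTH
        # `security: false` switches the security layer off for the matched
        # paths, so access_control is not applied to them. The patterns are
        # unanchored prefixes: every route that merely starts with one of
        # them is unauthenticated as well. These endpoints have to validate
        # and rate-limit input themselves.
        api_init:
            pattern: ^/api/init
            security: false
            stateless: true
        # Matches POST only; other methods on this path fall through to the
        # `api` firewall further down.
        api_user_password_reset:
            pattern: ^/api/user/password
            security: false
            methods: [POST]
        api_facebook_connect:
            pattern: ^/api/facebook-connect
            security: false
            stateless: true
        api_register:
            pattern: ^/api/register
            security: false
            stateless: true
        api_login:
            pattern: ^/api/login
            security: false
            stateless: true

        # OAUTH API
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false
        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider: users
                login_path: _demo_login
                check_path: _security_check
            anonymous: true
        # Everything else under /api requires an OAuth access token.
        api:
            pattern: ^/api
            fos_oauth: true
            stateless: true
            anonymous: false

        # disables authentication for assets and the profiler, adapt it according to your needs
        # NOTE(review): make sure the profiler / web debug toolbar routes are
        # only loaded in the dev environment; this firewall leaves them open.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # Catch-all firewall for the CMS.
        cms:
            pattern: ^/
            provider: admins
            form_login:
                login_path: /
                check_path: /login_check
                remember_me: true
                csrf_provider: security.csrf.token_manager
                csrf_parameter: _csrf_security_token
                # Post-login redirect target is taken from the Referer header.
                use_referer: true
            # Every login issues a persistent remember-me cookie. The /cms
            # rules in access_control check roles only, so a remembered
            # session satisfies them; require IS_AUTHENTICATED_FULLY where a
            # fresh login matters.
            remember_me:
                key: "%secret%"
                always_remember_me: true
            logout:
                path: /cms/logout
                target: login
            security: true
            anonymous: ~

    # Rules are evaluated top-down and only the first matching path applies,
    # so a specific path must come before the broader prefix that contains it.
    access_control:
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/cms/error/page, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # Must precede ^/cms: listed after it, the ^/cms rule (satisfied by
        # ROLE_CLIENT) matches first and this ROLE_ADMIN restriction is never
        # evaluated.
        - { path: ^/cms/clients, roles: ROLE_ADMIN }
        - { path: ^/cms, roles: [ROLE_CLIENT, ROLE_ADMIN] }
        - { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }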