/
security.yaml
89 lines (83 loc) · 3.79 KB
/
security.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
security:
encoders:
Symfony\Component\Security\Core\User\UserInterface:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_SUPER_ADMIN: [ROLE_ADMIN]
providers:
administrators:
id: Shopsys\FrameworkBundle\Model\Administrator\Security\AdministratorUserProvider
user_identities:
id: Shopsys\FrameworkBundle\Model\Customer\User\FrontendCustomerUserProvider
frontend_api_user_identities:
id: Shopsys\FrontendApiBundle\Model\User\FrontendApiUserProvider
firewalls:
# see Shopsys\FrameworkBundle\Model\Administrator\Security\AdministratorFrontSecurityFacade
administration:
pattern: ^/(admin/|efconnect|elfinder)
user_checker: Shopsys\FrameworkBundle\Model\Security\AdministratorChecker
anonymous: ~
provider: administrators
access_denied_url: "/admin/access-denied/"
form_login:
check_path: admin_login_check
login_path: admin_login
default_target_path: admin_default_dashboard
use_referer: true
username_parameter: "admin_login_form[username]"
password_parameter: "admin_login_form[password]"
csrf_parameter: "admin_login_form[_token]"
logout:
path: admin_logout
success_handler: Shopsys\FrameworkBundle\Model\Security\AdminLogoutHandler
csrf_parameter: _csrf_token
csrf_token_generator: security.csrf.token_manager
csrf_token_id: admin_logout
invalidate_session: false
frontend_api:
pattern: ^/graphql
provider: frontend_api_user_identities
stateless: true
anonymous: true
guard:
authenticators:
- Shopsys\FrontendApiBundle\Model\Token\TokenAuthenticator
frontend:
pattern: ^/
anonymous: ~
provider: user_identities
form_login:
check_path: front_login_check
login_path: front_login
username_parameter: "front_login_form[email]"
password_parameter: "front_login_form[password]"
csrf_parameter: "front_login_form[_token]"
success_handler: Shopsys\FrameworkBundle\Model\Security\CustomerLoginHandler
failure_handler: Shopsys\FrameworkBundle\Model\Security\CustomerLoginHandler
remember_me: true
remember_me:
secret: "%secret%"
lifetime: 2592000 # 30 days
path: /
domain: ~
remember_me_parameter: "front_login_form[rememberMe]"
logout:
path: front_logout
success_handler: Shopsys\FrameworkBundle\Model\Security\FrontLogoutHandler
csrf_parameter: _csrf_token
csrf_token_generator: security.csrf.token_manager
csrf_token_id: frontend_logout
invalidate_session: false
access_control:
# same pattern must be in routing_front.yaml
- { path: ^/login-as-remembered-user/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/superadmin/, roles: ROLE_SUPER_ADMIN }
- { path: ^/admin/cron/*, roles: ROLE_SUPER_ADMIN }
- { path: ^/admin/translation/list/$, roles: ROLE_SUPER_ADMIN }
- { path: ^/admin/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/authorization/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, roles: ROLE_ADMIN }
- { path: ^/efconnect, roles: ROLE_ADMIN }
- { path: ^/elfinder, roles: ROLE_ADMIN }
- { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }