-
Notifications
You must be signed in to change notification settings - Fork 54
/
security.yaml
53 lines (49 loc) · 1.86 KB
/
security.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
security:
# http://symfony.com/doc/current/cookbook/security/named_encoders.html
encoders:
App\Security\SecurityUser:
algorithm: auto
# https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
chain_provider:
chain:
providers: [security_user_provider, api_key_user_provider]
security_user_provider:
id: App\Security\Provider\SecurityUserFactory
api_key_user_provider:
id: App\Security\Provider\ApiKeyUserProvider
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/auth/getToken$
stateless: true
anonymous: true
json_login:
provider: security_user_provider
check_path: /auth/getToken
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: App\Security\Handler\TranslatedAuthenticationFailureHandler
root:
pattern: ^/$
stateless: true
anonymous: true
api:
pattern: ^/
stateless: true
anonymous: true
guard:
provider: security_user_provider
authenticators:
- App\Security\Authenticator\ApiKeyAuthenticator
- lexik_jwt_authentication.jwt_token_authenticator
entry_point: lexik_jwt_authentication.jwt_token_authenticator
role_hierarchy:
ROLE_API: [ROLE_LOGGED]
ROLE_USER: [ROLE_LOGGED]
ROLE_ADMIN: [ROLE_USER]
ROLE_ROOT: [ROLE_ADMIN]
access_decision_manager:
strategy: unanimous