security.yaml (2416B)
1 security: 2 enable_authenticator_manager: true 3 # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords 4 password_hashers: 5 Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' 6 # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider 7 providers: 8 users: 9 entity: 10 class: 'App\Entity\Player' 11 property: 'username' 12 firewalls: 13 dev: 14 pattern: ^/(_(profiler|wdt)|css|images|js)/ 15 security: false 16 17 # activate different ways to authenticate 18 # https://symfony.com/doc/current/security.html#the-firewall 19 20 # https://symfony.com/doc/current/security/impersonating_user.html 21 # switch_user: true 22 login: 23 pattern: ^/api/login 24 stateless: true 25 json_login: 26 provider: users 27 check_path: /api/login_check 28 success_handler: lexik_jwt_authentication.handler.authentication_success 29 failure_handler: lexik_jwt_authentication.handler.authentication_failure 30 31 api: 32 pattern: ^/api 33 stateless: true 34 jwt: ~ 35 36 main: 37 lazy: true 38 provider: users 39 40 41 # Easy way to control access for large sections of your site 42 # Note: Only the *first* access control that matches will be used 43 access_control: 44 - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 45 # - { path: ^/api, roles: IS_AUTHENTICATED_FULLY } 46 - { path: ^/api/admin, roles: ROLE_ADMIN } 47 - { path: ^/api/player, roles: ROLE_USER } 48 # 49 when@test: 50 security: 51 password_hashers: 52 # By default, password hashers are resource intensive and take time. This is 53 # important to generate secure password hashes. In tests however, secure hashes 54 # are not important, waste resources and increase test times. The following 55 # reduces the work factor to the lowest possible values. 56 Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 57 algorithm: auto 58 cost: 4 # Lowest possible value for bcrypt 59 time_cost: 3 # Lowest possible value for argon 60 memory_cost: 10 # Lowest possible value for argon