51 lines
1.8 KiB
YAML
51 lines
1.8 KiB
YAML
|
security:
|
||
|
|
password_hashers:
|
||
|
|
Symfony\Component\Security\Core\User\LegacyPasswordAuthenticatedUserInterface:
|
||
|
|
id: 'App\Service\PasswordEncoder'
|
||
|
|
|
||
|
|
providers:
|
||
|
|
main:
|
||
|
|
entity:
|
||
|
|
class: App\Entity\User
|
||
|
|
property: username
|
||
|
|
|
||
|
|
firewalls:
|
||
|
|
dev:
|
||
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
||
|
|
security: false
|
||
|
|
|
||
|
|
main:
|
||
|
|
pattern: ^/
|
||
|
|
provider: main
|
||
|
|
context: maincontext
|
||
|
|
form_login:
|
||
|
|
login_path: app_login
|
||
|
|
check_path: app_login
|
||
|
|
default_target_path: app_home
|
||
|
|
use_referer: true
|
||
|
|
csrf_parameter: _csrf_security_token
|
||
|
|
csrf_token_id: a_private_string
|
||
|
|
|
||
|
|
logout:
|
||
|
|
invalidate_session: true
|
||
|
|
path: app_kill
|
||
|
|
target: app_home
|
||
|
|
|
||
|
|
access_control:
|
||
|
|
- { path: ^/user, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] }
|
||
|
|
- { path: ^/modo, roles: [ROLE_ADMIN, ROLE_MODO] }
|
||
|
|
- { path: ^/admin, roles: [ROLE_ADMIN] }
|
||
|
|
|
||
|
|
when@test:
|
||
|
|
security:
|
||
|
|
password_hashers:
|
||
|
|
# By default, password hashers are resource intensive and take time. This is
|
||
|
|
# important to generate secure password hashes. In tests however, secure hashes
|
||
|
|
# are not important, waste resources and increase test times. The following
|
||
|
|
# reduces the work factor to the lowest possible values.
|
||
|
|
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
|
||
|
|
algorithm: auto
|
||
|
|
cost: 4 # Lowest possible value for bcrypt
|
||
|
|
time_cost: 3 # Lowest possible value for argon
|
||
|
|
memory_cost: 10 # Lowest possible value for argon
|