security:
    password_hashers:
        Symfony\Component\Security\Core\User\LegacyPasswordAuthenticatedUserInterface:
            id: 'App\Service\PasswordEncoder'

    providers:
        main:
            entity:
                class: App\Entity\User
                property: username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern:   ^/
            provider:  main
            context: maincontext
            user_checker: App\Service\UserChecker
            form_login:
                login_path: app_login
                check_path: app_login
                default_target_path: app_home
                use_referer: true
                csrf_parameter: _csrf_security_token
                csrf_token_id: a_private_string

            logout:
                invalidate_session: true
                path: app_kill
                target: app_home

    access_control:
        - { path: ^/all, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_MASTER, ROLE_MANAGER, ROLE_USER] }
        - { path: ^/user, roles: [ROLE_USER] }
        - { path: ^/manager, roles: [ROLE_MANAGER] }
        - { path: ^/master, roles: [ROLE_MASTER] }
        - { path: ^/modo, roles: [ROLE_MODO] }
        - { path: ^/admin, roles: [ROLE_ADMIN] }

when@test:
    security:
        password_hashers:
            # By default, password hashers are resource intensive and take time. This is
            # important to generate secure password hashes. In tests however, secure hashes
            # are not important, waste resources and increase test times. The following
            # reduces the work factor to the lowest possible values.
            Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
                algorithm: auto
                cost: 4 # Lowest possible value for bcrypt
                time_cost: 3 # Lowest possible value for argon
                memory_cost: 10 # Lowest possible value for argon