gnu-social/config/packages/security.yaml

39 lines
1.4 KiB
YAML
Raw Normal View History

security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
users_in_memory: { memory: null }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
lazy: true
provider: users_in_memory
guard:
authenticators:
- App\Security\Authenticator
logout:
path: logout
# where to redirect after logout
target: main_all
remember_me:
secret: '%kernel.secret%'
secure: true
httponly: '%remember_me_httponly%'
samesite: '%remember_me_samesite%'
token_provider: 'Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider'
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
- { path: ^/settings, roles: ROLE_USER }