1+ security:
2+ # role_hierarchy:
3+ # ROLE_ADMIN: [ROLE_USER]
4+ #
5+ # enable_authenticator_manager: true
6+ # # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
7+ # password_hashers:
8+ # Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
9+ # App\Entity\User:
10+ # algorithm: auto
11+ #
12+ # # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
13+ # providers:
14+ # # used to reload user from session & other features (e.g. switch_user)
15+ # app_user_provider:
16+ # id: App\Security\UserProvider
17+
18+ firewalls:
19+ dev:
20+ pattern: ^/(_(profiler|wdt)|css|images|js)/
21+ security: false
22+ # api:
23+ # pattern: ^/api/
24+ # stateless: true
25+ # provider: app_user_provider
26+ # jwt: ~
27+ # main:
28+ # stateless: true
29+ # provider: app_user_provider
30+ # json_login:
31+ # check_path: /authentication_token
32+ # username_path: email
33+ # password_path: password
34+ # success_handler: lexik_jwt_authentication.handler.authentication_success
35+ # failure_handler: lexik_jwt_authentication.handler.authentication_failure
36+
37+ # activate different ways to authenticate
38+ # https://symfony.com/doc/current/security.html#the-firewall
39+
40+ # https://symfony.com/doc/current/security/impersonating_user.html
41+ # switch_user: true
42+
43+ # Easy way to control access for large sections of your site
44+ # Note: Only the *first* access control that matches will be used
45+ access_control:
46+ - { path: ^/docs, roles: PUBLIC_ACCESS } # Allows accessing the Swagger UI
47+ - { path: ^/authentication_token, roles: PUBLIC_ACCESS }
48+ #- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
49+
50+ when@test:
51+ security:
52+ password_hashers:
53+ # By default, password hashers are resource intensive and take time. This is
54+ # important to generate secure password hashes. In tests however, secure hashes
55+ # are not important, waste resources and increase test times. The following
56+ # reduces the work factor to the lowest possible values.
57+ Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
58+ algorithm: auto
59+ cost: 4 # Lowest possible value for bcrypt
60+ time_cost: 3 # Lowest possible value for argon
61+ memory_cost: 10 # Lowest possible value for argon
62+ ===
63+ $data['security']['providers'] = [
64+ 'app_user_provider' => [
65+ 'entity' => [
66+ 'class' => 'App\Entity\User',
67+ 'property' => 'email',
68+ ],
69+ ],
70+ ];
71+ ===
72+ security:
73+ # role_hierarchy:
74+ # ROLE_ADMIN: [ROLE_USER]
75+ #
76+ # enable_authenticator_manager: true
77+ # # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
78+ # password_hashers:
79+ # Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
80+ # App\Entity\User:
81+ # algorithm: auto
82+ #
83+ # # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
84+ # providers:
85+ # # used to reload user from session & other features (e.g. switch_user)
86+ # app_user_provider:
87+ # id: App\Security\UserProvider
88+
89+ firewalls:
90+ dev:
91+ pattern: ^/(_(profiler|wdt)|css|images|js)/
92+ security: false
93+ # api:
94+ # pattern: ^/api/
95+ # stateless: true
96+ # provider: app_user_provider
97+ # jwt: ~
98+ # main:
99+ # stateless: true
100+ # provider: app_user_provider
101+ # json_login:
102+ # check_path: /authentication_token
103+ # username_path: email
104+ # password_path: password
105+ # success_handler: lexik_jwt_authentication.handler.authentication_success
106+ # failure_handler: lexik_jwt_authentication.handler.authentication_failure
107+
108+ # activate different ways to authenticate
109+ # https://symfony.com/doc/current/security.html#the-firewall
110+
111+ # https://symfony.com/doc/current/security/impersonating_user.html
112+ # switch_user: true
113+
114+ # Easy way to control access for large sections of your site
115+ # Note: Only the *first* access control that matches will be used
116+ access_control:
117+ - { path: ^/docs, roles: PUBLIC_ACCESS } # Allows accessing the Swagger UI
118+ - { path: ^/authentication_token, roles: PUBLIC_ACCESS }
119+ #- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
120+
121+ when@test:
122+ security:
123+ password_hashers:
124+ # By default, password hashers are resource intensive and take time. This is
125+ # important to generate secure password hashes. In tests however, secure hashes
126+ # are not important, waste resources and increase test times. The following
127+ # reduces the work factor to the lowest possible values.
128+ Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
129+ algorithm: auto
130+ cost: 4 # Lowest possible value for bcrypt
131+ time_cost: 3 # Lowest possible value for argon
132+ memory_cost: 10 # Lowest possible value for argon
0 commit comments