· 5 years ago · Oct 15, 2019, 01:52 PM
1parameters:
2 sylius.security.admin_regex: "^/admin"
3 sylius.security.api_regex: "^/api"
4 sylius.security.shop_regex: "^/(?!admin|api/.*|api$|media/.*)[^/]++"
5
6security:
7 always_authenticate_before_granting: true
8 providers:
9 sylius_admin_user_provider:
10 id: sylius.admin_user_provider.email_or_name_based
11 sylius_shop_user_provider:
12 id: sylius.shop_user_provider.email_or_name_based
13 encoders:
14 Sylius\Component\User\Model\UserInterface: argon2i
15 firewalls:
16 admin:
17 switch_user: true
18 context: admin
19 pattern: "%sylius.security.admin_regex%"
20 provider: sylius_admin_user_provider
21 form_login:
22 provider: sylius_admin_user_provider
23 login_path: sylius_admin_login
24 check_path: sylius_admin_login_check
25 failure_path: sylius_admin_login
26 default_target_path: sylius_admin_dashboard
27 use_forward: false
28 use_referer: true
29 csrf_token_generator: security.csrf.token_manager
30 csrf_parameter: _csrf_admin_security_token
31 csrf_token_id: admin_authenticate
32 remember_me:
33 secret: "%env(APP_SECRET)%"
34 path: /admin
35 name: APP_ADMIN_REMEMBER_ME
36 lifetime: 2419200000
37 remember_me_parameter: _remember_me
38 logout:
39 path: sylius_admin_logout
40 target: sylius_admin_login
41 anonymous: true
42
43 oauth_token:
44 pattern: "%sylius.security.api_regex%/oauth/v2/token"
45 security: false
46
47 api:
48 pattern: "%sylius.security.api_regex%/.*"
49 provider: sylius_admin_user_provider
50 fos_oauth: true
51 stateless: true
52 anonymous: true
53
54 shop:
55 switch_user: { role: ROLE_ALLOWED_TO_SWITCH }
56 context: shop
57 pattern: "%sylius.security.shop_regex%"
58 provider: sylius_shop_user_provider
59 form_login:
60 success_handler: sylius.authentication.success_handler
61 failure_handler: sylius.authentication.failure_handler
62 provider: sylius_shop_user_provider
63 login_path: sylius_shop_login
64 check_path: sylius_shop_login_check
65 failure_path: sylius_shop_login
66 default_target_path: sylius_shop_homepage
67 use_forward: false
68 use_referer: true
69 csrf_token_generator: security.csrf.token_manager
70 csrf_parameter: _csrf_shop_security_token
71 csrf_token_id: shop_authenticate
72 remember_me:
73 secret: "%env(APP_SECRET)%"
74 name: APP_SHOP_REMEMBER_ME
75 lifetime: 2419200000
76 remember_me_parameter: _remember_me
77 logout:
78 path: sylius_shop_logout
79 target: sylius_shop_login
80 invalidate_session: false
81 success_handler: sylius.handler.shop_user_logout
82 anonymous: true
83
84 dev:
85 pattern: ^/(_(profiler|wdt)|css|images|js)/
86 security: false
87
88 access_control:
89 - { path: "%sylius.security.admin_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
90 - { path: "%sylius.security.admin_regex%/_partial", role: ROLE_NO_ACCESS }
91 - { path: "%sylius.security.shop_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
92 - { path: "%sylius.security.shop_regex%/_partial", role: ROLE_NO_ACCESS }
93
94 - { path: "%sylius.security.admin_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
95 - { path: "%sylius.security.api_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
96 - { path: "%sylius.security.shop_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
97
98 - { path: "%sylius.security.shop_regex%/register", role: IS_AUTHENTICATED_ANONYMOUSLY }
99 - { path: "%sylius.security.shop_regex%/verify", role: IS_AUTHENTICATED_ANONYMOUSLY }
100 - { path: "%sylius.security.shop_regex%/forgotten-password", role: IS_AUTHENTICATED_ANONYMOUSLY }
101
102 - { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS }
103 - { path: "%sylius.security.api_regex%/.*", role: ROLE_API_ACCESS }
104 - { path: "%sylius.security.shop_regex%", role: ROLE_USER }