PHP Classes

File: config/packages/security.yaml

Recommend this page to a friend!
  Classes of Manolo Salsas  >  Symfony Create Bundle Skeleton  >  config/packages/security.yaml  >  Download  
File: config/packages/security.yaml
Role: Auxiliary data
Content type: text/plain
Description: Auxiliary data
Class: Symfony Create Bundle Skeleton
Application to create reusable Symfony Bundles
Author: By
Last change:
Date: 2 years ago
Size: 2,791 bytes


Class file image Download
        # Our user class and the algorithm we'll use to encode passwords
        # 'auto' means to let Symfony choose the best possible password hasher (Argon2 or Bcrypt)
        App\Entity\User: 'auto'

        # In this example, users are stored via Doctrine in the database
        # To see the users at src/App/DataFixtures/ORM/LoadFixtures.php
        # To load users from somewhere else:
            entity: { class: App\Entity\User, property: username }

            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

            # this firewall applies to all URLs
            pattern: ^/

            # but the firewall does not require login on every page
            # denying access is done in access_control or in your controllers
            anonymous: lazy

            # This allows the user to login by submitting a username and password
            # Reference:
                # The route name that the login form submits to
                check_path: security_login
                # The name of the route where the login form lives
                # When the user tries to access a protected page, they are redirected here
                login_path: security_login
                # Secure the login form against CSRF
                # Reference:
                csrf_token_generator: security.csrf.token_manager
                # The page users are redirect to when there is no previous page stored in the
                # session (for example when the users access directly to the login page).
                default_target_path: blog_index

                # The route name the user can go to in order to logout
                path: security_logout
                # The name of the route to redirect to after logging out
                target: homepage

    # Used to restrict access for large sections of your site
    # Note: Only the *first* access control that matches will be used
        # this is a catch-all for the admin area
        # additional security lives in the controllers
        - { path: '^/(%app_locales%)/admin', roles: ROLE_ADMIN }

For more information send a message to info at phpclasses dot org.