Part-DB.Part-DB-server/config/packages/security.yaml

security:
    encoders:
        App\Entity\UserSystem\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:

        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\UserSystem\User
                property: name
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: lazy
            user_checker: App\Security\UserChecker

            two_factor:
                auth_form_path: 2fa_login
                check_path: 2fa_login_check
                csrf_token_generator: security.csrf.token_manager

              # activate different ways to authenticate

              #http_basic: true
              # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate

            # https://symfony.com/doc/current/security/form_login_setup.html
            form_login:
                login_path: login
                check_path: login
                csrf_token_generator: security.csrf.token_manager
                use_referer: true
                default_target_path: '/'

            logout:
                path: logout
                target: homepage
                handlers: [App\EventSubscriber\LogSystem\LogoutLoggerHandler]

            remember_me:
                secret:   '%kernel.secret%'
                lifetime: 2592000 # 30 days in seconds

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        # This makes the logout route available during two-factor authentication, allows the user to cancel
        - { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY }
        # This ensures that the form can only be accessed when two-factor authentication is in progress
        - { path: "^/\\w{2}/2fa", role: IS_AUTHENTICATED_2FA_IN_PROGRESS }
        # We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login
        # This settings should not do much harm, because a read only access to show available data structures is not really critical
        - { path: "^/\\w{2}/tree", role: IS_AUTHENTICATED_ANONYMOUSLY }
Initial commit 2019-02-23 16:49:38 +01:00			`security:`
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`encoders:`
Added an option for mass creation of structured data. 2019-08-12 22:41:58 +02:00			`App\Entity\UserSystem\User:`
Use auto for password algorithm (fixes deprecation) 2019-06-16 12:59:11 +02:00			`algorithm: auto`
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00
Initial commit 2019-02-23 16:49:38 +01:00			`# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers`
			`providers:`
Updated recipes of security-bundle 2020-01-07 19:25:19 +01:00
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`# used to reload user from session & other features (e.g. switch_user)`
			`app_user_provider:`
			`entity:`
Added an option for mass creation of structured data. 2019-08-12 22:41:58 +02:00			`class: App\Entity\UserSystem\User`
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`property: name`
Initial commit 2019-02-23 16:49:38 +01:00			`firewalls:`
			`dev:`
			`pattern: ^/(_(profiler\|wdt)\|css\|images\|js)/`
			`security: false`
			`main:`
Updated recipes of security-bundle 2020-01-07 19:25:19 +01:00			`anonymous: lazy`
Allow to disable a user in admin settings. When a user is disabled, he can not login. 2019-10-26 23:22:27 +02:00			`user_checker: App\Security\UserChecker`
Initial commit 2019-02-23 16:49:38 +01:00
Implemented the two factor auth login form. 2019-12-23 18:45:32 +01:00			`two_factor:`
			`auth_form_path: 2fa_login`
			`check_path: 2fa_login_check`
			`csrf_token_generator: security.csrf.token_manager`

Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`# activate different ways to authenticate`
Initial commit 2019-02-23 16:49:38 +01:00
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`#http_basic: true`
			`# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate`
Initial commit 2019-02-23 16:49:38 +01:00
			`# https://symfony.com/doc/current/security/form_login_setup.html`
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00			`form_login:`
			`login_path: login`
			`check_path: login`
			`csrf_token_generator: security.csrf.token_manager`
			`use_referer: true`
Use language setting of users when logging in. 2019-09-12 17:50:33 +02:00			`default_target_path: '/'`
Added user entity and basic login/logout system. 2019-03-14 18:01:41 +01:00
			`logout:`
			`path: logout`
			`target: homepage`
Restructured EventSubscriber Folder structure. 2020-04-09 17:24:16 +02:00			`handlers: [App\EventSubscriber\LogSystem\LogoutLoggerHandler]`
Initial commit 2019-02-23 16:49:38 +01:00
Added a remember me function to the login form. 2019-03-14 18:27:29 +01:00			`remember_me:`
			`secret: '%kernel.secret%'`
			`lifetime: 2592000 # 30 days in seconds`

Initial commit 2019-02-23 16:49:38 +01:00			`# Easy way to control access for large sections of your site`
			`# Note: Only the first access control that matches will be used`
			`access_control:`
Implemented the two factor auth login form. 2019-12-23 18:45:32 +01:00			`# This makes the logout route available during two-factor authentication, allows the user to cancel`
			`- { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY }`
			`# This ensures that the form can only be accessed when two-factor authentication is in progress`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`- { path: "^/\\w{2}/2fa", role: IS_AUTHENTICATED_2FA_IN_PROGRESS }`
			`# We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login`
			`# This settings should not do much harm, because a read only access to show available data structures is not really critical`
			`- { path: "^/\\w{2}/tree", role: IS_AUTHENTICATED_ANONYMOUSLY }`