diff --git a/config/packages/security.yaml b/config/packages/security.yaml index e4c3e3a7..cc5895ed 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -1,22 +1,23 @@ security: - encoders: - App\Entity\UserSystem\User: - algorithm: auto + enable_authenticator_manager: true + + password_hashers: + Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto' # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: - # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\UserSystem\User property: name + firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: - anonymous: true + provider: app_user_provider lazy: true user_checker: App\Security\UserChecker @@ -25,16 +26,13 @@ security: check_path: 2fa_login_check enable_csrf: true - # activate different ways to authenticate - #http_basic: true - # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate # https://symfony.com/doc/current/security/form_login_setup.html form_login: login_path: login check_path: login - csrf_token_generator: security.csrf.token_manager + enable_csrf: true use_referer: true default_target_path: '/' diff --git a/config/packages/test/security.yaml b/config/packages/test/security.yaml index d21bd6dd..20e83035 100644 --- a/config/packages/test/security.yaml +++ b/config/packages/test/security.yaml @@ -2,11 +2,11 @@ security: # Disable password hashing during testing. This speeds up tests a lot - encoders: - App\Entity\UserSystem\User: - algorithm: plaintext + password_hashers: + Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'plaintext' firewalls: # replace 'main' by the name of your own firewall main: + entry_point: http_basic http_basic: ~ \ No newline at end of file