mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-21 01:25:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use PUBLIC_ACCESS role instead of IS_AUTHENTICATED_ANONYMOUSLY role

Browse source
This commit is contained in:
Jan Böhmer 2022-08-14 19:11:42 +02:00
parent 5fd608f42a
commit eef26f7ae6
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
config/packages/security.yaml
View file

@ -48,9 +48,9 @@ security:
# Note: Only the *first* access control that matches will be used
access_control:
# This makes the logout route available during two-factor authentication, allows the user to cancel
- { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/logout, role: PUBLIC_ACCESS }
# This ensures that the form can only be accessed when two-factor authentication is in progress
- { path: "^/\\w{2}/2fa", role: IS_AUTHENTICATED_2FA_IN_PROGRESS }
# We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login
# This settings should not do much harm, because a read only access to show available data structures is not really critical
- { path: "^/\\w{2}/tree", role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: "^/\\w{2}/tree", role: PUBLIC_ACCESS }