security: encoders: App\Entity\UserSystem\User: algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\UserSystem\User property: name firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: true lazy: true user_checker: App\Security\UserChecker two_factor: auth_form_path: 2fa_login check_path: 2fa_login_check csrf_token_generator: security.csrf.token_manager # activate different ways to authenticate #http_basic: true # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate # https://symfony.com/doc/current/security/form_login_setup.html form_login: login_path: login check_path: login csrf_token_generator: security.csrf.token_manager use_referer: true default_target_path: '/' logout: path: logout target: homepage remember_me: secret: '%kernel.secret%' lifetime: 2592000 # 30 days in seconds # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: # This makes the logout route available during two-factor authentication, allows the user to cancel - { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY } # This ensures that the form can only be accessed when two-factor authentication is in progress - { path: "^/\\w{2}/2fa", role: IS_AUTHENTICATED_2FA_IN_PROGRESS } # We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login # This settings should not do much harm, because a read only access to show available data structures is not really critical - { path: "^/\\w{2}/tree", role: IS_AUTHENTICATED_ANONYMOUSLY }