Voici votre URL de partage https://sharemycode.io/c/0abd3f7 (Cliquer pour copier) (Copié)

Nom du fichier : security.yaml

security:
    # https://symfony.com/doc/current/security/experimental_authenticators.html
    enable_authenticator_manager: true
    # https://symfony.com/doc/current/security.html#c-hashing-passwords
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: "auto"
        App\Entity\AdminMachine\User:
            algorithm: sha512
        App\Entity\AdminMachine\UserSdpos:
            algorithm: sha512
     
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\AdminMachine\User
                property: login
                # optional: if you're using multiple Doctrine entity
                # managers, this option defines which one to use
                manager_name: default

        app_user_sdpo_provider:
            entity:
                class: App\Entity\AdminMachine\UserSdpos
                property: login
                # optional: if you're using multiple Doctrine entity
                # managers, this option defines which one to use
                #manager_name: default

        all_users:
            chain:
                providers: ['app_user_provider', 'app_user_sdpo_provider']    

    # Roles hierarchy
    role_hierarchy:
        ROLE_TECHNICIAN: ROLE_USER
        ROLE_ADMIN: [ROLE_TECHNICIAN]
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        api_login:
            pattern: ^/api/auth/login
            stateless: true
            # anonymous: true
            json_login:
                provider: all_users
                check_path: /api/auth/login
                username_path: username
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            provider: app_user_provider
            # custom_authenticator: App\Security\CustomAuthenticator
        sdpos_login:
            pattern: ^/api/auth/sdpos/login
            stateless: true
            provider: app_user_sdpo_provider
            custom_authenticator: App\Security\CustomAuthenticator

        refresh:
            pattern: ^/api/auth/refresh_token
            stateless: true
            provider: all_users
            # user_checker: security.user.provider.concrete.all_users
            # refresh_jwt: ~



        # refresh_sdpos:
        #     pattern: ^/api/auth/sdpos/refresh_token
        #     stateless: true
        #     provider: app_user_sdpo_provider
        #     custom_authenticator: App\Security\CustomRefreshTokenAuthenticator

        api_forgotten_password:
            pattern: ^/api/auth/forgotten_password
            stateless: true
            # anonymous: true
        api_reset_password:
            pattern: ^/api/auth/reset_password
            stateless: true
            # anonymous: true
        api_verify_email:
            pattern: ^/api/verify
            stateless: true
            # anonymous: true
        api_confirm_creds:
            pattern: ^/api/confirm
            stateless: true
            # anonymous: true


        api_admin_machine:
            pattern: ^/api/adminmachine
            stateless: true
            # anonymous: true
            jwt: ~
            provider: app_user_provider
            # guard:
        api_adminsdpos:
            pattern: ^/api/adminsdpos
            stateless: true
            # anonymous: true
            jwt: ~
            provider: app_user_provider
            # guard:  
        api_superdpos:
            pattern: ^/api/superdpos
            stateless: true
            # anonymous: true
            jwt: ~
            provider: app_user_sdpo_provider
            # jwt:
            #     authenticator: app.cust_authenticator
            # refresh_jwt: ~
                # check_path: /api/token/refresh # or, you may use the `api_refresh_token` route name

        # api:
        #     pattern: ^/api
        #     stateless: true

        #     jwt: ~
            # provider: all_users


    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        # - { path: ^/api/auth/refresh_token, roles: PUBLIC_ACCESS}
        # - { path: ^/api/auth/sdpos/refresh_token, roles: ROLE_USER}

        # - { path: ^/api/auth/forgotten_password, roles: ROLE_USER }
        # - { path: ^/api/auth/reset_password,roles: ROLE_USER }

        # - { path: ^/api/auth/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # - { path: ^/api/auth/sdpos/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # - { path: ^/api/verify, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        # - { path: ^/api/confirm, roles: IS_AUTHENTICATED_ANONYMOUSLY }


        # - { path: ^/api/adminmachine, roles: ROLE_USER }
        # - { path: ^/api/adminsdpos, roles: ROLE_USER }
        # - { path: ^/api/superdpos, roles: ROLE_USER }
        
        # - { path: ^/api, roles: ROLE_USER }

        - { path: ^/api/auth/refresh_token, roles: PUBLIC_ACCESS}
        # - { path: ^/api/auth/sdpos/refresh_token, roles: ROLE_USER}

        - { path: ^/api/auth/forgotten_password, roles: ROLE_USER }
        - { path: ^/api/auth/reset_password,roles: ROLE_USER }

        - { path: ^/api/auth/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/auth/sdpos/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/verify, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/confirm, roles: IS_AUTHENTICATED_ANONYMOUSLY }


        - { path: ^/api/adminmachine, roles: IS_AUTHENTICATED_FULLY }
        - { path: ^/api/adminsdpos, roles: IS_AUTHENTICATED_FULLY }
        - { path: ^/api/superdpos, roles: IS_AUTHENTICATED_FULLY }
        # - { path: ^api/superdpos/organism, roles: ROLE_USER }

        # - { path: ^/api, roles: ROLE_USER }

Informations

Cet extrait a été créé le 24 janv. 2023 à 14:58:55

Cet extrait expire le 23 févr. 2023 à 14:58:55

Langage : yaml

Logo yaml

Link

Voici votre URL de partage : https://sharemycode.io/c/0abd3f7 Copié

Ce code a été partagé avec Share on ShareMyCode.io pour VSCode

Demander la suppression