wallabag/app/config/security.yml
2015-02-02 12:54:14 +01:00

60 lines
1.9 KiB
YAML

security:
encoders:
Wallabag\CoreBundle\Entity\Users:
algorithm: sha1
encode_as_base64: false
iterations: 1
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
providers:
administrators:
entity: { class: WallabagCoreBundle:Users, property: username }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
#wsse_secured:
# pattern: /api/.*
# wsse: true
login_firewall:
pattern: ^/login$
anonymous: ~
# secured_area:
# pattern: ^/
# anonymous: ~
# form_login:
# login_path: /login
#
# use_forward: false
#
# check_path: /login_check
#
# post_only: true
#
# always_use_default_target_path: true
# default_target_path: /
# target_path_parameter: redirect_url
# use_referer: true
#
# failure_path: null
# failure_forward: false
#
# username_parameter: _username
# password_parameter: _password
#
# csrf_parameter: _csrf_token
# intention: authenticate
#
# logout:
# path: /logout
# target: /
access_control:
- { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }