-
-
Save darnel/d7a269c34de0aeb4ddd4eee7175abd76 to your computer and use it in GitHub Desktop.
Symfony security configuration for Remember me session regeneration bug report
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| security: | |
| encoders: | |
| OnlinePriznani\Authentication\BaseBundle\Entity\UserAccount: | |
| algorithm: bcrypt | |
| providers: | |
| entity.user_account.email: | |
| entity: | |
| class: OnlinePriznani\Authentication\BaseBundle\Entity\UserAccount | |
| property: email | |
| entity.user_account.confirmation_token: | |
| entity: | |
| class: OnlinePriznani\Authentication\BaseBundle\Entity\UserAccount | |
| property: confirmationToken | |
| hwi_oauth.user_account: | |
| id: online_priznani_authentication_base.security.oauth_user_provider | |
| firewalls: | |
| # disables authentication for assets and the profiler, adapt it according to your needs | |
| dev: | |
| pattern: ^/(_(profiler|wdt)|css|images|js)/ | |
| security: false | |
| # disable firewall for async jobs | |
| async_endpoint: | |
| pattern: ^/(receive-output)/ | |
| security: false | |
| # main application | |
| main: | |
| pattern: ^/ | |
| anonymous: ~ | |
| switch_user: | |
| provider: entity.user_account.email | |
| guard: | |
| provider: entity.user_account.confirmation_token | |
| authenticators: | |
| - online_priznani_authentication_base.security.token_authenticator | |
| form_login: | |
| login_path: onlinepriznani_authentication_web_security_login | |
| check_path: onlinepriznani_authentication_web_security_login | |
| csrf_token_generator: security.csrf.token_manager | |
| provider: entity.user_account.email | |
| oauth: | |
| resource_owners: | |
| facebook: "/login/check-facebook" | |
| google: "/login/check-google" | |
| login_path: /login | |
| failure_path: /register | |
| provider: entity.user_account.email | |
| oauth_user_provider: | |
| service: online_priznani_authentication_base.security.oauth_user_provider | |
| logout: | |
| path: /logout | |
| target: / | |
| remember_me: | |
| secret: '%kernel.secret%' | |
| lifetime: 34128000 | |
| # secure: true | |
| always_remember_me: true | |
| user_provider: entity.user_account.email | |
| role_hierarchy: | |
| ROLE_CSR: [ROLE_USER] | |
| ROLE_ADMIN: [ROLE_USER, ROLE_CSR, ROLE_ALLOWED_TO_SWITCH] | |
| access_control: | |
| - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } | |
| - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } | |
| - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } | |
| - { path: ^/admin/orders, role: ROLE_CSR } | |
| - { path: ^/admin/user-accounts, role: ROLE_CSR } | |
| - { path: ^/admin/emails/send-email, role: ROLE_CSR } | |
| - { path: ^/admin, role: ROLE_ADMIN } | |
| - { path: ^/user-account, role: ROLE_USER } | |
| - { path: ^/api/v1/admin/orders, role: ROLE_CSR } | |
| - { path: ^/api/v1/admin, role: ROLE_ADMIN } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment