security: # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers encoders: App\Entity\User: algorithm: bcrypt cost: 12 providers: user_provider: entity: class: App\Entity\User property: username api_provider: entity: class: App\Entity\ApiUser property: api_key api_v2_provider: entity: class: App\Entity\CustomerUser property: api_key firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false new_rider_api_login: pattern: ^\/rider_api\/login$ methods: [POST] security: false login: pattern: ^\/login$ methods: [GET] security: false tracker: pattern: ^\/track\/ methods: [GET] security: false api: pattern: ^\/api\/ security: false sms: pattern: ^/sms\/ security: false rider_api: pattern: ^\/rapi\/ security: false test_capi: pattern: ^\/test_capi\/ security: false insurance: pattern: ^\/insurance\/ security: false paymongo: pattern: ^\/paymongo\/ security: false cust_api_v2: pattern: ^\/apiv2\/(?!register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/|account|account\/|account_code_validate|account_code_validate\/|account_resend_code|account_resend_code\/) provider: api_v2_provider access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler stateless: true guard: authenticators: - Catalyst\ApiBundle\Security\Authenticator cust_api_v2_guest: pattern: ^\/apiv2\/(register|register\/|number_confirm|number_confirm\/|code_validate|code_validate\/|resend_code|resend_code\/|version_check|version_check\/|account|account\/|account_code_validate|account_code_validate\/|account_resend_code|account_resend_code\/) security: false warranty_api: pattern: ^\/capi\/ provider: api_provider access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler stateless: true guard: authenticators: - Catalyst\ApiBundle\Security\Authenticator new_rider_api: pattern: ^\/rider_api\/ provider: api_provider access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler stateless: true guard: authenticators: - Catalyst\ApiBundle\Security\Authenticator third_party_api: pattern: ^\/tapi\/ provider: api_provider access_denied_handler: Catalyst\ApiBundle\Service\AccessDeniedHandler stateless: true guard: authenticators: - Catalyst\ApiBundle\Security\Authenticator main: provider: user_provider form_login: login_path: login check_path: login logout: path: logout target: / remember_me: secret: '%env(APP_SECRET)%' lifetime: 604800 path: / user_checker: Catalyst\AuthBundle\Service\UserChecker switch_user: { role: ROLE_SUPER_ADMIN } # activate different ways to authenticate # http_basic: ~ # https://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate # form_login: ~ # https://symfony.com/doc/current/cookbook/security/form_login_setup.html access_decision_manager: strategy: unanimous