security: # https://symfony.com/doc/current/security/experimental_authenticators.html enable_authenticator_manager: true password_hashers: App\Entity\User: algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: # used to reload user from session & other features (e.g. switch_user) app_user_provider: entity: class: App\Entity\User property: email # used to reload user from session & other features (e.g. switch_user) # used to reload user from session & other features (e.g. switch_user) firewalls: login: pattern: ^/api/login stateless: true json_login: check_path: /api/login success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure api: pattern: ^/api stateless: true guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: lazy: true provider: app_user_provider # activate different ways to authenticate # https://symfony.com/doc/current/security.html#firewalls-authentication # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: # - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/profile, roles: ROLE_USER } # - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY } # - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } # - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }