Raphaël G. Git Repositories - airlibre/blob - config/packages/security.yaml

   1 security:
   2     # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
   3     password_hashers:
   4         Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
   5     # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
   6     providers:
   7         users_in_memory: { memory: null }
   8     firewalls:
   9         dev:
  10             pattern: ^/(_(profiler|wdt)|css|images|js)/
  11             security: false
  12         main:
  13             lazy: true
  14             provider: users_in_memory
  15
  16             # activate different ways to authenticate
  17             # https://symfony.com/doc/current/security.html#the-firewall
  18
  19             # https://symfony.com/doc/current/security/impersonating_user.html
  20             # switch_user: true
  21
  22     # Easy way to control access for large sections of your site
  23     # Note: Only the *first* access control that matches will be used
  24     access_control:
  25         # - { path: ^/admin, roles: ROLE_ADMIN }
  26         # - { path: ^/profile, roles: ROLE_USER }
  27
  28 when@test:
  29     security:
  30         password_hashers:
  31             # By default, password hashers are resource intensive and take time. This is
  32             # important to generate secure password hashes. In tests however, secure hashes
  33             # are not important, waste resources and increase test times. The following
  34             # reduces the work factor to the lowest possible values.
  35             Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
  36                 algorithm: auto
  37                 cost: 4 # Lowest possible value for bcrypt
  38                 time_cost: 3 # Lowest possible value for argon
  39                 memory_cost: 10 # Lowest possible value for argon