A sample security.yml
:
security:
encoders:
Perform\UserBundle\Entity\User:
algorithm: bcrypt
providers:
perform:
entity:
class: Perform\UserBundle\Entity\User
property: email
access_decision_manager:
strategy: unanimous
firewalls:
dev:
pattern: ^/_(profiler|wdt)/
security: false
main:
pattern: ^/
form_login:
login_path: perform_user_login
check_path: perform_user_login
csrf_token_generator: security.csrf.token_manager
logout:
path: perform_user_logout
target: /
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/forgot-password, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_USER }
The bundle includes 3 routing files for different functionality.
routing_login.yml
for the login form and logout pathrouting_password.yml
for password resets when a user forgets their passwordrouting_crud.yml
CRUD routes for the user entityFor example, to use the login/logout form and enable password resets under the /forgot-password
URL prefix:
perform_user_login:
resource: "@PerformUserBundle/Resources/config/routing_login.yml"
perform_user_password:
resource: "@PerformUserBundle/Resources/config/routing/forgot_password.yml"
prefix: /forgot-password