ahmed-bhs · March 4, 2018 16:27
diff --git a/security.yml b/security.yml
 security:
    encoders:
        Gain\Bundle\UserBundle\Entity\User: sha512

    role_hierarchy:
        ROLE_ACCESS_BACKEND:   []
        ROLE_ACCESS_FRONTEND:  []

        ROLE_ADMIN:            [ROLE_USER, ROLE_ACCESS_BACKEND]
        ROLE_ADMIN_PUBLISHER:  [ROLE_USER, ROLE_ACCESS_BACKEND] # Not used yet 2017-09-06
        ROLE_ADMIN_PURCHASE:   [ROLE_USER, ROLE_ACCESS_BACKEND] # Not used yet 2017-09-06
        ROLE_ADMIN_COMMERCIAL: [ROLE_USER, ROLE_ACCESS_BACKEND]

        ROLE_PRO_MEMBER:       [ROLE_USER, ROLE_ACCESS_FRONTEND]
        ROLE_PRO_SUPPLIER:     [ROLE_USER, ROLE_ACCESS_FRONTEND]

    providers:
        users:
            entity: { class: GainUserBundle:User, property: username }

    firewalls:
        dev:
            pattern:  ^/api/(_(profiler|wdt))/
            security: false

        login:
            pattern:  ^/api/(login|password|account|membership|public)
            stateless: true
            anonymous: true
            form_login:
                check_path: /api/login_check
                require_previous_session: false
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        api_files:
            pattern:   ^/api/download
            anonymous: true

        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator

    access_control:
        - { path: ^/api/(login|password|account|download|membership|public), roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
	security:
	encoders:
	Gain\Bundle\UserBundle\Entity\User: sha512

	role_hierarchy:
	ROLE_ACCESS_BACKEND: []
	ROLE_ACCESS_FRONTEND: []

	ROLE_ADMIN: [ROLE_USER, ROLE_ACCESS_BACKEND]
	ROLE_ADMIN_PUBLISHER: [ROLE_USER, ROLE_ACCESS_BACKEND] # Not used yet 2017-09-06
	ROLE_ADMIN_PURCHASE: [ROLE_USER, ROLE_ACCESS_BACKEND] # Not used yet 2017-09-06
	ROLE_ADMIN_COMMERCIAL: [ROLE_USER, ROLE_ACCESS_BACKEND]

	ROLE_PRO_MEMBER: [ROLE_USER, ROLE_ACCESS_FRONTEND]
	ROLE_PRO_SUPPLIER: [ROLE_USER, ROLE_ACCESS_FRONTEND]

	providers:
	users:
	entity: { class: GainUserBundle:User, property: username }

	firewalls:
	dev:
	pattern: ^/api/(_(profiler\|wdt))/
	security: false

	login:
	pattern: ^/api/(login\|password\|account\|membership\|public)
	stateless: true
	anonymous: true
	form_login:
	check_path: /api/login_check
	require_previous_session: false
	username_parameter: username
	password_parameter: password
	success_handler: lexik_jwt_authentication.handler.authentication_success
	failure_handler: lexik_jwt_authentication.handler.authentication_failure

	api_files:
	pattern: ^/api/download
	anonymous: true

	api:
	pattern: ^/api
	stateless: true
	guard:
	authenticators:
	- lexik_jwt_authentication.jwt_token_authenticator

	access_control:
	- { path: ^/api/(login\|password\|account\|download\|membership\|public), roles: IS_AUTHENTICATED_ANONYMOUSLY }
	- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }