1b6f0bcde4
✨ feat(crm/admin): Améliore gestion des administrateurs et sécurité
Ajoute formulaires identité et mot de passe, rôles dynamiques.
Gère statuts, journal d'audit, connexions.
Améliore les notifications.
```
54 lines
1.6 KiB
YAML
54 lines
1.6 KiB
YAML
security:
|
|
providers:
|
|
app_account_provider:
|
|
entity:
|
|
class: App\Entity\Account
|
|
property: email
|
|
|
|
firewalls:
|
|
dev:
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
security: false
|
|
|
|
main:
|
|
lazy: true
|
|
provider: app_account_provider
|
|
user_checker: App\Security\UserChecker
|
|
|
|
# --- AJOUT DE LA CONFIGURATION 2FA ---
|
|
two_factor:
|
|
auth_form_path: 2fa_login # Route d'affichage du formulaire
|
|
check_path: 2fa_login_check # Route de soumission du code
|
|
# -------------------------------------
|
|
|
|
form_login:
|
|
login_path: app_home
|
|
check_path: app_home
|
|
enable_csrf: true
|
|
csrf_token_id: authenticate
|
|
|
|
entry_point: App\Security\AuthenticationEntryPoint
|
|
|
|
custom_authenticator:
|
|
- App\Security\LoginFormAuthenticator
|
|
- App\Security\KeycloakAuthenticator
|
|
|
|
logout:
|
|
path: app_logout # Assurez-vous d'utiliser 'path'
|
|
target: app_home
|
|
|
|
password_hashers:
|
|
App\Entity\Account: 'auto'
|
|
|
|
role_hierarchy:
|
|
ROLE_ROOT: [ROLE_ADMIN,ROLE_CLIENT_MAIN]
|
|
ROLE_CLIENT_MAIN: [ROLE_ADMIN]
|
|
|
|
|
|
access_control:
|
|
# Permettre l'accès aux pages 2FA même si on n'est pas encore pleinement "ROLE_ADMIN"
|
|
- { path: ^/2fa, roles: PUBLIC_ACCESS }
|
|
|
|
- { path: ^/crm, roles: [ROLE_ADMIN] }
|
|
- { path: ^/, roles: PUBLIC_ACCESS }
|