63 lines
2.0 KiB
YAML
63 lines
2.0 KiB
YAML
security:
|
|
providers:
|
|
app_account_provider:
|
|
entity:
|
|
class: App\Entity\Account
|
|
property: email
|
|
reserve_account:
|
|
entity:
|
|
class: App\Entity\Customer
|
|
property: email
|
|
all_users:
|
|
chain:
|
|
providers: [app_account_provider, reserve_account]
|
|
firewalls:
|
|
dev:
|
|
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
|
security: false
|
|
|
|
main:
|
|
lazy: true
|
|
provider: all_users
|
|
user_checker: App\Security\UserChecker
|
|
|
|
# --- AJOUT DE LA CONFIGURATION 2FA ---
|
|
two_factor:
|
|
auth_form_path: 2fa_login # Route d'affichage du formulaire
|
|
check_path: 2fa_login_check # Route de soumission du code
|
|
default_target_path: /
|
|
# -------------------------------------
|
|
|
|
form_login:
|
|
login_path: app_home
|
|
check_path: app_home
|
|
enable_csrf: true
|
|
csrf_token_id: authenticate
|
|
|
|
entry_point: App\Security\AuthenticationEntryPoint
|
|
|
|
custom_authenticator:
|
|
- App\Security\CustomerAuthenticator
|
|
- App\Security\LoginFormAuthenticator
|
|
- App\Security\KeycloakAuthenticator
|
|
|
|
logout:
|
|
path: app_logout # Assurez-vous d'utiliser 'path'
|
|
target: app_home
|
|
|
|
password_hashers:
|
|
App\Entity\Account: 'auto'
|
|
App\Entity\Customer: 'auto'
|
|
|
|
role_hierarchy:
|
|
ROLE_ROOT: [ROLE_ADMIN,ROLE_CLIENT_MAIN,ROLE_CUSTOMER]
|
|
ROLE_CLIENT_MAIN: [ROLE_ADMIN,ROLE_CUSTOMER]
|
|
|
|
|
|
access_control:
|
|
# Permettre l'accès aux pages 2FA même si on n'est pas encore pleinement "ROLE_ADMIN"
|
|
- { path: ^/2fa, roles: PUBLIC_ACCESS }
|
|
- { path: ^/gestion-contrat, roles: [ROLE_CUSTOMER] }
|
|
- { path: ^/crm, roles: [ROLE_ADMIN] }
|
|
- { path: ^/, roles: PUBLIC_ACCESS }
|