]> git.immae.eu Git - github/wallabag/wallabag.git/blobdiff - app/config/security.yml
projects / github / wallabag / wallabag.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update bundle & stock file
[github/wallabag/wallabag.git] / app / config / security.yml
diff --git a/app/config/security.yml b/app/config/security.yml
index 6533a430d05e072482be6185de65242c2d09cd88..a99a7d80daac75d9b5a3f33f86a94a15eb57f6a0 100644 (file)
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -8,21 +8,27 @@ security:
 
     providers:
         administrators:
-            entity: { class: WallabagCoreBundle:User, property: username }
+            entity: { class: WallabagUserBundle:User, property: username }
         fos_userbundle:
             id: fos_user.user_provider.username
 
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
+        # disables authentication for assets and the profiler, adapt it according to your needs
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
         oauth_token:
             pattern: ^/oauth/v2/token
             security: false
+
         api:
             pattern: /api/.*
             fos_oauth: true
             stateless: true
-            anonymous: false
+            anonymous: true
 
         login_firewall:
             pattern:    ^/login$
@@ -32,11 +38,11 @@ security:
             pattern: ^/
             form_login:
                 provider: fos_userbundle
-                csrf_provider: security.csrf.token_manager
+                csrf_token_generator: security.csrf.token_manager
 
             anonymous:    true
             remember_me:
-                key:      "%secret%"
+                secret:   "%secret%"
                 lifetime: 31536000
                 path:     /
                 domain:   ~
@@ -49,6 +55,6 @@ security:
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/, roles: ROLE_USER }
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.