X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=app%2Fconfig%2Fsecurity.yml;h=96489e2683f1fcc6aad294b1578108b970c93a9c;hb=8445ad4790ff4f3f9759f9bfa0d503ad5654e30e;hp=171a69e2e0596d9aded5895f2421b9c02194097c;hpb=63f9f22fa37b14171c6f92d24f99ccf01ae7af00;p=github%2Fwallabag%2Fwallabag.git

diff --git a/app/config/security.yml b/app/config/security.yml
index 171a69e2..96489e26 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -12,7 +12,7 @@ security:
                 class: WallabagUserBundle:User
                 property: username
         fos_userbundle:
-            id: fos_user.user_provider.username
+            id: fos_user.user_provider.username_email
 
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
@@ -31,17 +31,19 @@ security:
             fos_oauth: true
             stateless: true
             anonymous: true
+            provider: fos_userbundle
 
         login_firewall:
+            logout_on_user_change: true
             pattern: ^/login$
             anonymous:  ~
 
         secured_area:
+            logout_on_user_change: true
             pattern: ^/
             form_login:
                 provider: fos_userbundle
                 csrf_token_generator: security.csrf.token_manager
-                failure_handler: wallabag_user.security.custom_auth_failure_handler
 
             anonymous: true
             remember_me:
@@ -55,13 +57,13 @@ security:
                 target: /
 
     access_control:
-        - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/(doc|version|info|user), roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: /(unread|starred|archive|all).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/locale, role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: /tags/(.*).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/share, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/settings, roles: ROLE_SUPER_ADMIN }
         - { path: ^/annotations, roles: ROLE_USER }