security:
providers:
user_database_provider:
id: security.database_user_provider
user_jwt_provider:
id: security.jwt_user_provider
encoders:
AppBundle\Entity\User:
algorithm: bcrypt
cost: 13
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api:
pattern: ^/api
security: true
anonymous: true
stateless: true
guard:
provider: user_jwt_provider
authenticators:
- security.token_authenticator
login:
pattern: ^/login
stateless: true
anonymous: true
form_login:
provider: user_database_provider
login_path: security_login
check_path: security_login
username_parameter: email
password_parameter: password
require_previous_session: false
success_handler: security.authentication_success_handler
failure_handler: security.authentication_failure_handler
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: ROLE_ADMIN }