I am trying to integrate FOSUserBundle with SonataAdminBundle in Symfony 2.2 using SonataUserBundle, but when I open this URL http://dev.test.com/app_dev.php/register it says
"No mapping found for field 'username' in class
'Application\Sonata\UserBundle\Document\User'."
I also want to log in to the admin panel, but I can't log in with my test admin user.
This is my composer.js:
"require": {
"php": ">=5.3.3",
"symfony/symfony": "2.2.*",
"doctrine/orm": "~2.2,>=2.2.3",
"doctrine/doctrine-bundle": "1.2.*",
"twig/extensions": "1.0.*",
"symfony/assetic-bundle": "2.1.*",
"symfony/swiftmailer-bundle": "2.2.*",
"symfony/monolog-bundle": "2.2.*",
"sensio/distribution-bundle": "2.2.*",
"sensio/framework-extra-bundle": "2.2.*",
"sensio/generator-bundle": "2.2.*",
"jms/security-extra-bundle": "1.4.*",
"jms/di-extra-bundle": "1.3.*",
"doctrine/mongodb-odm": "1.0.*@dev",
"doctrine/mongodb-odm-bundle": "3.0.*@dev",
"friendsofsymfony/user-bundle": "*",
"sonata-project/easy-extends-bundle" : "dev-master",
"sonata-project/cache-bundle": "dev-master",
"sonata-project/jquery-bundle": "1.8.x-dev",
"sonata-project/exporter": "1.2.1",
"sonata-project/block-bundle": "dev-master",
"sonata-project/user-bundle": "dev-master",
"sonata-project/admin-bundle": "dev-master",
"sonata-project/doctrine-mongodb-admin-bundle": "dev-master",
"knplabs/knp-menu-bundle": "1.1.x-dev"
}
this is my config.yml
# Mongodb Configuration
doctrine_mongodb:
    connections:
        default:
            server: mongodb://localhost:27017
            options: {}
    default_database: test
    document_managers:
        default:
            auto_mapping: true
#FOSUserBundle Configuration
# fos_user:
# db_driver: mongodb # other valid values are 'mongodb', 'couchdb' and 'propel'
# firewall_name: main
# user_class: Acme\UserBundle\Entity\User
sonata_block:
    default_contexts: [cms]
    blocks:
        sonata.admin.block.admin_list:
            contexts: [admin]
        sonata.block.service.text:
        sonata.block.service.rss:
sonata_admin:
    title: Admin Panel
    templates:
        ## default global templates
        layout: SonataAdminBundle::standard_layout.html.twig
        ajax: SonataAdminBundle::ajax_layout.html.twig
        ## default actions templates, should extend a global templates
        list: SonataAdminBundle:CRUD:list.html.twig
        show: SonataAdminBundle:CRUD:show.html.twig
        edit: SonataAdminBundle:CRUD:edit.html.twig
fos_user:
    db_driver: mongodb
    firewall_name: main
    user_class: Application\Sonata\UserBundle\Document\User
sonata_user:
    security_acl: false
    manager_type: mongodb
# Swiftmailer Configuration
swiftmailer:
    transport: %mailer_transport%
    host: %mailer_host%
    username: %mailer_user%
    password: %mailer_password%
    spool: { type: memory }
I am developing with Symfony 2.2 and MongoDB. Please help me if you know, thanks very much!
Maybe Symfony 2 can't read the mapping.
In your app/config/config.yml, you look for the doctrine configuration.
doctrine_mongodb:
    connections:
        default:
            server: mongodb://localhost:27017
            options: {}
    default_database: hello_%kernel.environment%
    document_managers:
        default:
            mappings:
                AcmeDemoBundle: ~
Add your bundles to the mappings section.
I hope this helps, bless.
I'm deploying my php 7.4 app with framework symfony 5 on Google App Engine.
The problem is, friendsofsymfony package is nowhere to be seen in the source folder 'vendor' of the deployed app on the App Engine.
I followed the installation of the package on Symfony FOSCKEditorBundle
(Download the bundle, register the bundle, install the assets, configure twig).
I do have the bundle inside of public, but composer doesn't seem to install the ckeditor-bundle package in the vendor folder. Locally everything works fine: upon composer install/update it downloads the package and the app runs fine.
Composer.json
{
"type": "project",
"license": "proprietary",
"require": {
"php": "^7.2.5",
"ext-ctype": "*",
"ext-iconv": "*",
"friendsofsymfony/ckeditor-bundle": "^2.2",
"google/cloud-dialogflow": "^0.13.0",
"knplabs/knp-paginator-bundle": "^5.2",
"league/csv": "^9.0",
"nelmio/cors-bundle": "^2.0",
"sendgrid/sendgrid": "^7.7",
"sensio/framework-extra-bundle": "^5.5",
"symfony/apache-pack": "^1.0",
"symfony/asset": "5.0.*",
"symfony/console": "5.0.*",
"symfony/dotenv": "5.0.*",
"symfony/expression-language": "5.0.*",
"symfony/flex": "^1.3.1",
"symfony/form": "5.0.*",
"symfony/framework-bundle": "5.0.*",
"symfony/http-client": "5.0.*",
"symfony/intl": "5.0.*",
"symfony/mailer": "5.0.*",
"symfony/monolog-bundle": "^3.1",
"symfony/notifier": "5.0.*",
"symfony/orm-pack": "*",
"symfony/process": "5.0.*",
"symfony/security-bundle": "5.0.*",
"symfony/serializer": "5.0.*",
"symfony/serializer-pack": "*",
"symfony/string": "5.0.*",
"symfony/translation": "5.0.*",
"symfony/twig-pack": "^1.0",
"symfony/validator": "5.0.*",
"symfony/web-link": "5.0.*",
"symfony/yaml": "5.0.*"
},
"require-dev": {
"symfony/debug-pack": "*",
"symfony/maker-bundle": "^1.0",
"symfony/profiler-pack": "*",
"symfony/test-pack": "*"
},
"config": {
"preferred-install": {
"*": "dist"
},
"sort-packages": true
},
"autoload": {
"psr-4": {
"App\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"App\\Tests\\": "tests/"
}
},
"replace": {
"paragonie/random_compat": "2.*",
"symfony/polyfill-ctype": "*",
"symfony/polyfill-iconv": "*",
"symfony/polyfill-php72": "*",
"symfony/polyfill-php71": "*",
"symfony/polyfill-php70": "*",
"symfony/polyfill-php56": "*"
},
"conflict": {
"symfony/symfony": "*"
},
"extra": {
"symfony": {
"allow-contrib": false,
"require": "5.0.*"
}
}
}
app.yaml
# Use the PHP 7.3 runtime (BETA) by replacing "php72" below with "php73"
runtime: php74
env_variables:
  APP_ENV: prod
  APP_SECRET: ###
  DATABASE_URL: ###
  # APP_DEBUG: true
  ## For connecting to Cloud SQL with Doctrine
  ## This is used in part two of the README:
  # DATABASE_URL: mysql://root:DB_PASSWORD@localhost?unix_socket=/cloudsql/INSTANCE_CONNECTION_NAME;dbname=symfonydb
handlers:
  # Declare the build and bundles directory as static assets to be served by the
  # App Engine CDN.
  - url: /build
    static_dir: public
  - url: /bundles
    static_dir: public
  # Declare any media files in the public directory as static assets as well.
  - url: /css
    static_dir: css
  - url: /js
    static_dir: js
  - url: /images
    static_dir: images
  - url: /node_modules
    static_dir: node_modules
  - url: /Theme/META-INF/resources
    static_dir: Theme/META-INF/resources
  - url: /bundles/fosckeditor
    static_dir: bundles/fosckeditor
basic_scaling:
  max_instances: 5
fos_ckeditor.yaml
# Read the documentation: https://symfony.com/doc/current/bundles/FOSCKEditorBundle/index.html
twig:
    form_themes:
        - '@FOSCKEditor/Form/ckeditor_widget.html.twig'
fos_ck_editor:
    configs:
        main_config:
            toolbar:
                - { name: "styles", items: ['Bold', 'Italic', 'Underline', 'Strike', 'Blockquote', '-', 'Link', '-', 'RemoveFormat', '-', 'NumberedList', 'BulletedList', '-', 'Image', 'Table', '-', 'TextColor', 'BGColor', 'Source'] }
I'm using Symfony 3.3. I built my application with FOSUserBundle and PUGXMultiUserBundle and everything is OK. Now I'm trying to create my REST API with FOSRestBundle, and I get a problem when I try to register a new user with Postman.
{
"code": 400,
"message": "Validation Failed",
"errors": {
"errors": [
"The CSRF token is invalid. Please try to resubmit the form."
],
"children": {
"email": {},
"username": {},
"plainPassword": {
"children": {
"first": {},
"second": {}
}
}
}
}
}
I used this example to build my REST API and it is good, but it didn't work with PUGXMultiUserBundle.
This is my class for registering a new user:
<?php
namespace Taseera\EndpointBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use FOS\RestBundle\Controller\Annotations;
use FOS\RestBundle\Controller\FOSRestController;
use FOS\RestBundle\Routing\ClassResourceInterface;
use FOS\RestBundle\Controller\Annotations\RouteResource;
use FOS\UserBundle\Event\FilterUserResponseEvent;
use FOS\UserBundle\Event\GetResponseUserEvent;
use FOS\UserBundle\FOSUserEvents;
use FOS\UserBundle\Event\FormEvent;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;

/**
 * @RouteResource("registration", pluralize=false)
 */
class RegistrationUserOneController extends FOSRestController implements ClassResourceInterface
{
    /**
     * @Annotations\Post("/register-company")
     */
    public function registerAction(Request $request)
    {
        //$request = $this->getRequest();
        $formFactory = $this->get('fos_user.registration.form.factory');
        $form = $formFactory->createForm(array('csrf_protection' => false));
        $discriminator = $this->container->get('pugx_user.manager.user_discriminator');
        $discriminator->setClass('Taseera\UserBundle\Entity\UserOne');
        $userManager = $this->container->get('pugx_user_manager');
        $user = $userManager->createUser();
        $dispatcher = $this->get('event_dispatcher');
        $event = new GetResponseUserEvent($user, $request);
        $dispatcher->dispatch(FOSUserEvents::REGISTRATION_INITIALIZE, $event);
        if (null !== $event->getResponse()) {
            return $event->getResponse();
        }
        $form->setData($user);
        $form->submit($request->request->all());
        if ( ! $form->isValid()) {
            $event = new FormEvent($form, $request);
            $dispatcher->dispatch(FOSUserEvents::REGISTRATION_FAILURE, $event);
            if (null !== $response = $event->getResponse()) {
                return $response;
            }
            return $form;
        }
        $event = new FormEvent($form, $request);
        $dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);
        if ($event->getResponse()) {
            return $event->getResponse();
        }
        $userManager->updateUser($user);
        $response = new JsonResponse(
            [
                'msg' => $this->get('translator')->trans('registration.flash.user_created', [], 'FOSUserBundle'),
                'token' => $this->get('lexik_jwt_authentication.jwt_manager')->create($user), // creates JWT
            ],
            Response::HTTP_CREATED,
            [
                'Location' => $this->generateUrl(
                    'get_profile',
                    [ 'user' => $user->getId() ],
                    UrlGeneratorInterface::ABSOLUTE_URL
                )
            ]
        );
        $dispatcher->dispatch(
            FOSUserEvents::REGISTRATION_COMPLETED,
            new FilterUserResponseEvent($user, $request, $response)
        );
        return $response;
    }
}
I'm also using "lexikjwt-authentication-bundle", "jms/serializer-bundle", "nelmio/api-doc-bundle" and "nelmio/cors-bundle".
this is my security.yml:
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    role_hierarchy:
        ROLE_ADMIN: [ROLE_USER, ROLE_COMPANY]
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        admin:
            pattern: ^/admin(.*)
            form_login:
                provider: fos_userbundle
                login_path: admin_login
                check_path: admin_login_check
                # check_path: verification of the authentication
                default_target_path: /admin
            logout:
                path: /admin/logout
                target: /admin/login
            anonymous: true
        company:
            pattern: ^/company(.*)
            form_login:
                provider: fos_userbundle
                login_path: company_login
                check_path: company_login_check
                # check_path: verification of the authentication
                default_target_path: /company/profile
            logout:
                path: /company/logout
                target: /company/login
            anonymous: true
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                login_path: fos_user_security_login
                check_path: fos_user_security_check
                csrf_token_generator: security.csrf.token_manager
                default_target_path: taseerafrontend_homepage
                always_use_default_target_path: true
            logout: true
            anonymous: true
        api:
            pattern: ^/endpoint
            stateless: true
            lexik_jwt: ~
        healthcheck:
            pattern: ^/endpoint/ping$
            anonymous: true
        api_docs:
            pattern: ^/endpoint/doc
            anonymous: true
        api_register:
            pattern: ^/endpoint/register-company
            anonymous: true
            security: false
        api_password_reset:
            pattern: ^/endpoint/password/reset
            anonymous: true
        api_login:
            pattern: ^/endpoint/login
            stateless: true
            anonymous: true
            form_login:
                check_path: /endpoint/login
                require_previous_session: false
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
            logout: true
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/endpoint/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
        - { path: ^/company/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/company/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/company/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/company/, role: ROLE_COMPANY }
and this is my config.yml
imports:
    - { resource: parameters.yml }
    - { resource: security.yml }
    - { resource: services.yml }
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
    locale: ar
    category_directory: '%kernel.root_dir%/../web/backend/img/category'
    user_one_company_directory: '%kernel.root_dir%/../web/backend/img/company'
    medias_directory: '%kernel.root_dir%/../web/backend/img/medias'
framework:
    #esi: ~
    translator: ~
    secret: '%secret%'
    router:
        resource: '%kernel.project_dir%/app/config/routing.yml'
        strict_requirements: ~
    form: ~
    csrf_protection: ~
    validation: { enable_annotations: true }
    #serializer: { enable_annotations: true }
    templating:
        engines: ['twig']
    default_locale: '%locale%'
    trusted_hosts: ~
    session:
        # https://symfony.com/doc/current/reference/configuration/framework.html#handler-id
        handler_id: session.handler.native_file
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
    fragments: ~
    http_method_override: true
    assets: ~
    php_errors:
        log: true
# Twig Configuration
twig:
    debug: '%kernel.debug%'
    strict_variables: '%kernel.debug%'
    form_themes:
        - 'bootstrap_3_layout.html.twig'
# Doctrine Configuration
doctrine:
    dbal:
        driver: pdo_mysql
        host: '%database_host%'
        port: '%database_port%'
        dbname: '%database_name%'
        user: '%database_user%'
        password: '%database_password%'
        charset: UTF8
        # if using pdo_sqlite as your database driver:
        # 1. add the path in parameters.yml
        # e.g. database_path: '%kernel.project_dir%/var/data/data.sqlite'
        # 2. Uncomment database_path in parameters.yml.dist
        # 3. Uncomment next line:
        #path: '%database_path%'
    orm:
        auto_generate_proxy_classes: '%kernel.debug%'
        naming_strategy: doctrine.orm.naming_strategy.underscore
        auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
    transport: '%mailer_transport%'
    host: '%mailer_host%'
    username: '%mailer_user%'
    password: '%mailer_password%'
    spool: { type: memory }
# app/config/config.yml
fos_user:
    db_driver: orm # other valid values are 'mongodb' and 'couchdb'
    firewall_name: main
    user_class: Taseera\UserBundle\Entity\User
    from_email:
        address: "%mailer_user%"
        sender_name: "%mailer_user%"
    service:
        user_manager: pugx_user_manager
    registration:
        confirmation:
            enabled: true
    change_password:
        form:
            type:
                \UserBundle\Form\ChangePasswordFormType # or 'fos_user_change_password' on Symfony < 2.8
            name: fos_user_company_change_password_form
            validation_groups: [ChangePassword, Default]
    #profile:
    # form:
    # type: Taseera\CompanyBundle\Form\ProfileFormType # or 'fos_user_profile' on Symfony < 2.8
    # name: fos_user_company_profile
    # validation_groups: [Profile, Default]
pugx_multi_user:
    users:
        user_one:
            entity:
                class: Taseera\UserBundle\Entity\UserOne
            registration:
                form:
                    type: Taseera\UserBundle\Form\Type\RegistrationUserOneFormType
                    name: fos_user_registration_form
                    validation_groups: [Registration, Default]
                template: TaseeraUserBundle:Registration:user_one.form.html.twig
            profile:
                form:
                    type: Taseera\UserBundle\Form\ProfileUserOneFormType
                    name: fos_user_company_profile
                    validation_groups: [Profile, Default]
        user_two:
            entity:
                class: Taseera\UserBundle\Entity\UserTwo
            registration:
                form:
                    type: Taseera\UserBundle\Form\Type\RegistrationUserTwoFormType
                    #name: fos_user_registration_form
                    validation_groups: [Registration, Default]
                template: TaseeraUserBundle:Registration:user_two.form.html.twig
            profile:
                form:
                    type: Taseera\UserBundle\Form\ProfileUserTwoFormType
fos_rest:
    body_listener: true
    param_fetcher_listener: force
    view:
        view_response_listener: 'force'
        formats:
            json: true
            xml: false
            rss: false
        mime_types:
            json: ['application/json', 'application/x-json']
            jpg: ['image/jpeg']
            png: ['image/png']
    routing_loader:
        default_format: json
        include_format: false
    format_listener:
        enabled: true
        rules:
            - { path: '^/endpoint', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true }
            - { path: '^/', priorities: [ 'text/html', '*/*'], fallback_format: html, prefer_extension: true }
    exception:
        enabled: true
#JMS Serializer
jms_serializer: ~
# CSA Guzzle
csa_guzzle:
    profiler: "%kernel.debug%"
# Lexik JWT Bundle
lexik_jwt_authentication:
    private_key_path: "%jwt_private_key_path%"
    public_key_path: "%jwt_public_key_path%"
    pass_phrase: "%jwt_key_pass_phrase%"
    token_ttl: "%jwt_token_ttl%"
# Nelmio CORS
nelmio_cors:
    defaults:
        allow_origin: ["%cors_allow_origin%"]
        allow_methods: ["POST", "PUT", "GET", "DELETE", "OPTIONS"]
        allow_headers: ["Content-Type", "Authorization"]
        max_age: 3600
    paths:
        '^/': ~
# Nelmio API Doc
nelmio_api_doc: ~
I found the solution and it worked for me.
I must deactivate the csrf_protection in the RegistrationUserOneFormType related to my entity UserOne, like this:
public function configureOptions(OptionsResolver $resolver)
{
    $resolver->setDefaults(array(
        'csrf_protection' => false,
    ));
}
I am trying to install Django-rest-auth + registration. In the docs, it says to install Django-allauth which I did following the steps found here. However, once I did and migrated, my app seemed to be using a different template than the one I had set up originally.
I am using Django Rest Framework and Angular JS.
settings.py
INSTALLED_APPS = [
...
# Django Rest Framework
'rest_framework',
'rest_framework.authtoken',
# All auth
'django.contrib.sites',
'allauth',
'allauth.account',
'allauth.socialaccount',
# Rest auth
'rest_auth',
'rest_auth.registration',
# My app
'myapp',
]
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
# `allauth` needs this from django
'django.template.context_processors.request',
],
},
},
]
AUTHENTICATION_BACKENDS = (
# Needed to login by username in Django admin, regardless of `allauth`
'django.contrib.auth.backends.ModelBackend',
# `allauth` specific authentication methods, such as login by e-mail
'allauth.account.auth_backends.AuthenticationBackend',
)
SITE_ID = 1
My urls.py in my project folder looks like this:
from django.conf.urls import url, include
from django.contrib import admin
from django.views.generic import TemplateView
urlpatterns = [
url(r'^admin/', admin.site.urls),
# My api url
url(r'^api/', include('myapp.urls')),
# My application url
url(r'^$', TemplateView.as_view(template_name='base.html')),
# all auth Url
url(r'^accounts/', include('allauth.urls')),
# Rest-auth url
url(r'^rest-auth/', include('rest_auth.urls')),
url(r'^rest-auth/registration/', include('rest_auth.registration.urls')),
]
Before installing the all-auth app, going to 127.0.0.1:8000 returned a page using the base.html file. However, now I get a page with the following things:
Menu:
Link to Change E-mail
Sign out
What am I doing wrong? and how do I fix the problem. Thanks.
Any help is greatly appreciated!
I am using LexikJWTBundle to authenticate an Ionic AngularJS app to a Symfony2 REST API.
My issue is that when I try to authenticate the user, Symfony returns : no route found for POST /api/login_check.
EDIT
I had put the route in my rest routing file so the resulting route was /api/api/login_check.
Now the error is: Unable to find the controller for path "/api/login_check".
It looks like LexikJWTBundle doesn't intercept the call.
End EDIT
I should add that my API is working fine without authentication and uses CORS through NelmioCorsBundle.
Here is my routing.yml portion:
api_login_check:
    path: /api/login_check
Here is my config.yml
lexik_jwt_authentication:
    private_key_path: %kernel.root_dir%/var/jwt/private.pem # ssh private key path
    public_key_path: %kernel.root_dir%/var/jwt/public.pem # ssh public key path
    pass_phrase: 'passphrase' # ssh key pass phrase
    token_ttl: 86400 # token ttl - defaults to 86400
Here is my security.yml:
# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        dev:
            pattern: ^/{_{profiler|wdt}}/
            security: false
            switch_user: true
        main:
            pattern: .*
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: true
            switch_user: true
        # JWT SETUP
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            form_login:
                check_path: /api/login_check
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false
        # JWT SETUP
        api:
            pattern: ^/api
            stateless: true
            lexik_jwt:
                authorization_header:
                    enabled: true
                    prefix: Bearer
                query_parameter:
                    enabled: true
                    name: bearer
    access_control:
        # JWT SETUP
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
OK, I found the issue: the firewall main should be located at the end, because all routes match this pattern and it therefore prevents requests from going through the other firewalls.
Stupid mistake again!
Thank you @keyboardSmaher for your help.
Now the security.yml looks like this:
# app/config/security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        dev:
            pattern: ^/{_{profiler|wdt}}/
            security: false
            switch_user: true
        api_login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: fos_userbundle
            form_login:
                check_path: api_login_check
                require_previous_session: false
                username_parameter: username
                password_parameter: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api
            stateless: true
            provider: fos_userbundle
            lexik_jwt: ~
        main:
            pattern: .*
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: true
            switch_user: true
        # JWT SETUP
        # JWT SETUP
    role_hierarchy:
        ROLE_DELEGATION: [ROLE_USER]
        ROLE_EXPORT: [ROLE_USER]
        ROLE_USER_ADMIN: [ROLE_USER]
        ROLE_LIST_ADMIN: [ROLE_USER]
        ROLE_IMPORT: [ROLE_USER]
        ROLE_MOBILE: [ROLE_USER]
        ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
    access_control:
        - { path: ^/$, role: ROLE_USER}
        # - { path: ^/api, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/contacts, role: ROLE_USER }
        - { path: ^/profile, roles: ROLE_USER }
        - { path: ^/entites, role: ROLE_USER }
        - { path: ^/export, role: ROLE_EXPORT }
        - { path: ^/titres, roles: ROLE_ADMIN }
        - { path: ^/categories, roles: ROLE_ADMIN }
        - { path: ^/services, roles: ROLE_ADMIN }
        - { path: ^/groupes, roles: ROLE_ADMIN }
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/imports, roles: ROLE_IMPORT }
        - { path: ^/utilisateurs, roles: ROLE_USER_ADMIN }
        - { path: ^/register, role: ROLE_SUPER_ADMIN }
        - { path: ^/group, roles: ROLE_USER_ADMIN }
        # JWT SETUP
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
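The first-match behaviour described in the answer above, as an added example (not code from the post or from Symfony): a small PHP model of how an ordered firewall list resolves a request path, run over both firewall orderings from the thread. The `dev` firewall is left out, the sample paths are constructed, and `selectFirewall()` and `findShadowed()` are hypothetical helper names.

```php
<?php
// Added example: models first-match firewall selection. Patterns are taken
// from the two security.yml versions in the thread; paths are constructed.

/** Name of the first firewall whose pattern matches $path, or null. */
function selectFirewall(array $firewalls, string $path): ?string
{
    foreach ($firewalls as $name => $pattern) {
        // '~' is the regex delimiter because the patterns contain '/'.
        if (preg_match('~' . $pattern . '~', $path) === 1) {
            return $name;
        }
    }
    return null;
}

/**
 * Firewalls whose pattern matches at least one sample path but which never
 * handle any of them, mapped to the earlier firewalls that took the requests.
 */
function findShadowed(array $firewalls, array $paths): array
{
    $shadowed = [];
    foreach ($firewalls as $name => $pattern) {
        $winners = [];
        $matchedAny = false;
        foreach ($paths as $path) {
            if (preg_match('~' . $pattern . '~', $path) !== 1) {
                continue;
            }
            $matchedAny = true;
            $winners[] = selectFirewall($firewalls, $path);
        }
        if ($matchedAny && !in_array($name, $winners, true)) {
            $shadowed[$name] = array_values(array_unique($winners));
        }
    }
    return $shadowed;
}

// Order as in the question: the catch-all "main" precedes the JWT firewalls.
$before = ['main' => '.*', 'login' => '^/api/login', 'api' => '^/api'];
// Order as in the fixed file: most specific first, catch-all last.
$after = ['api_login' => '^/api/login', 'api' => '^/api', 'main' => '.*'];

// Constructed sample request paths.
$paths = ['/api/login_check', '/api/contacts', '/login', '/contacts'];

foreach (['before' => $before, 'after' => $after] as $label => $firewalls) {
    echo "== $label ==\n";
    foreach ($paths as $path) {
        printf("%-18s -> %s\n", $path, selectFirewall($firewalls, $path) ?? '(none)');
    }
    foreach (findShadowed($firewalls, $paths) as $name => $by) {
        printf("never selected: %s (requests taken by %s)\n", $name, implode(', ', $by));
    }
}
```

Running the same check over any firewall list with a catch-all pattern shows whether a stateless API firewall is ever selected or whether a session-based form_login firewall takes its requests first.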
For form log in to work, you need to create the check_path route. The route has to point to an empty controller and it is intercepted by the security system.
Just create an empty controller for /api/login_check and point your api_login_check route to it.
This information is in the documentation below.
Documentation
I am building an app with angularjs frontend and symfony backend with the help of FOSOAuthServerBundle and FOSUserBundles for security.
Registration works fine but logging back in has an issue. When you provide your username/ password, authentication works fine and a token is generated but then a login form is presented to the user again to log in when they try to access a resource using the token.
I know it's a misconfiguration somewhere, hoping someone will have the eye to point it out for me ;-)
security.yml
security:
    encoders:
        AppBundle\Entity\User:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false
        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider: fos_userbundle
                check_path: _security_check
                login_path: _demo_login
            anonymous: true
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: true
        api:
            pattern: ^/api
            fos_oauth: true
            stateless: true
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
config.yml
fos_user:
    db_driver: orm
    firewall_name: main
    user_class: AppBundle\Entity\User
fos_oauth_server:
    db_driver: orm
    client_class: AppBundle\Entity\Client
    access_token_class: AppBundle\Entity\AccessToken
    refresh_token_class: AppBundle\Entity\RefreshToken
    auth_code_class: AppBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_manager
        options:
            supported_scopes: user