BUGFIX: better security

Jeroen De Meerleer 2022-05-30 13:31:11 +02:00
parent 01f385f6d5
commit dd0635e35b
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6
2 changed files with 19 additions and 14 deletions


@ -11,13 +11,13 @@ security:
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js|health)/
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/?(%enabled_locales%)/(login|login_check|health)(?=.*)
pattern: ^/?(%enabled_locales%)?/(health)$
security: false
main:
pattern: ^\/(.*)
pattern: ^/(.*)
provider: app_user_provider
form_login:
@ -41,5 +41,5 @@ security:
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/(?!login|login_check|health)(?=.*), roles: ROLE_USER }
- { path: ^/?(%enabled_locales%)?/job, roles: ROLE_USER }
# - { path: ^/profile, roles: ROLE_USER }
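Review bot: In the `access_control` hunk, the rule that appears to be the new side (`path: ^/?(%enabled_locales%)?/job`) requires `ROLE_USER` only under the `/job` prefix, whereas the line it replaces required it for every path except login, login_check and health. This reading assumes the second line of each printed pair is the new one, since the page has lost its +/- markers. With only protected prefixes listed, any route handled by the `main` firewall outside `/job` is reachable without authentication unless its controller checks the role itself. Consider keeping a deny-by-default tail: list the login routes first with `roles: PUBLIC_ACCESS` (`IS_AUTHENTICATED_ANONYMOUSLY` on Symfony before 5.2) and end the list with `- { path: ^/, roles: ROLE_USER }`. The rest of the `security:` mapping lies outside the visible hunks, so confirm against the full file.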


@ -3,22 +3,27 @@ default:
defaults:
_controller: App\Controller\SecurityController::loginAction
health:
path: '/health'
defaults:
_controller: App\Controller\SiteController::healthAction
login:
path: '/{_locale}/login'
defaults:
_controller: App\Controller\SecurityController::loginAction
login_check:
path: '/login_check'
logout:
path: '/logout'
health:
path: '/health'
defaults:
_controller: App\Controller\SiteController::healthAction
default_locale:
path: '/{_locale}'
defaults:
_controller: App\Controller\SecurityController::loginAction
login:
path: '/{_locale}/login'
defaults:
_controller: App\Controller\SecurityController::loginAction
job_index:
path: '/{_locale}/job'
defaults: