caisse-bliss/app/config/security.yml

# To get started with security, check out the documentation:
# https://symfony.com/doc/current/security.html
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                default_target_path: dashboard
            logout:       true
            anonymous:    true
            logout_on_user_change: true
            # https://symfony.com/doc/current/security/form_login_setup.html
            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
            #http_basic: ~

        secured_area:
            anonymous: ~
            logout_on_user_change: true
            oauth:
                resource_owners:
                    facebook:           "/login/check-facebook"
                    google:             "/login/check-google"
#                    disqus:             "/login/check-disqus"
#                    my_custom_provider: "/login/check-custom"
                    twitter:          "/login/check-twitter"
                login_path:        /login
                use_forward:       false
                failure_path:      /login

                oauth_user_provider:
                    service: my.oauth_aware.user_provider.service

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    access_control:
        - { path: ^/dashboard$, role: IS_AUTHENTICATED_REMEMBERED }
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }