security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        secured_area:
            anonymous: ~
            oauth:
                resource_owners:
                    facebook:           /login/check-facebook
                    google:             /login/check-google
                    my_github:          /login/check-github
                login_path:        /login
                failure_path:      /login
                use_forward:       false

                oauth_user_provider:
                    service: my.custom.user_provider
            logout:
                path:   /logout
                target: /
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                default_target_path: /

            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/play, role: ROLE_USER }
        - { path: ^/admin, role: ROLE_SUPER_ADMIN }