security:
  password_hashers:
    App\Entity\User:
      algorithm: auto

  providers:
    app_user_provider:
      entity:
        class: App\Entity\User
        property: username

  firewalls:
    dev:
      pattern: ^/(_(profiler|wdt)|css|images|js)/
      security: false
    main:
      lazy: true
      provider: app_user_provider
      user_checker: App\Security\UserChecker
      two_factor:
        check_path: 2fa_login_check
        auth_form_path: 2fa_login
        auth_code_parameter_name: _auth_code
        post_only: true
        default_target_path: MineSeekerBundle_homepage
        prepare_on_login: true
        prepare_on_access_denied: true
      form_login:
        login_path: MineSeekerBundle_login
        check_path: MineSeekerBundle_login
        default_target_path: MineSeekerBundle_homepage
        username_parameter: _username
        password_parameter: _password
        enable_csrf: true
      logout:
        path: MineSeekerBundle_logout
        target: MineSeekerBundle_homepage
      switch_user: false

  access_control:
    - { path: ^/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
    - { path: ^/api/webauthn/authentication/begin, roles: PUBLIC_ACCESS }
    - { path: ^/api/webauthn/authentication/complete, roles: PUBLIC_ACCESS }