# To get started with security, check out the documentation:
# http://symfony.com/doc/current/security.html
security:
    encoders:
        FOS\UserBundle\Model\UserInterface:
            algorithm: bcrypt
            cost: 14
    providers:
        fos_userbundle:
           id: fos_user.user_provider.username
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        secured_area:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                login_path: /login
                check_path: /login_check
            logout:
                path: /logout
                target: /
            anonymous: true
            oauth:
                resource_owners:
                    facebook: /login/callback/facebook
                    google: /login/callback/google
                    twitter: /login/callback/twitter
                    instagram: /login/callback/instagram
                    amazon: /login/callback/amazon
                    yahoo: /login/callback/yahoo
                login_path:        /connect
                use_forward:       false
                failure_path:      /login
                oauth_user_provider:
                    service: hwi_oauth.user.provider.fosub_bridge
    access_control:

        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/user$, role: ROLE_USER }
        - { path: ^/gallery/upload, role: ROLE_USER }
        - { path: ^/gallery, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin$, role: ROLE_ADMIN }