Merge pull request #1 from BDE-ESIEE/fix/user-route-scope

Restrict /user route to authenticated requests only
BDE-ESIEE · Oct 16, 2021 · 578b254 · 578b254
2 parents c561bd5 + fa9aa74
commit 578b254
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/app/config/security.yml b/app/config/security.yml
@@ -56,3 +56,4 @@ security:
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/doc, role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/user/.*, role: ROLE_USER }