security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        user_project_provider:
            entity:
                class: 'App\Domain\Entity\UserProject'
                property: 'userId'
    
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        project_secured_area:
            stateless: true
            anonymous: true
            provider: user_project_provider
            guard:
                authenticators:
                    - App\Application\Authentication\Authenticator\ApiTokenAuthenticator
                entry_point: App\Application\Authentication\Authenticator\ApiTokenAuthenticator
    
    access_control:
        - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY }