Configuring Access Control

Overview of configuration options for Nette Security.

If you are not using the whole framework, but only this library, read how to load the configuration.

You can define a list of users in the configuration to create a simple authenticator (Nette\Security\SimpleAuthenticator). Because passwords are readable in the configuration, this solution is for testing purposes only.

security:
	# shows user panel in Tracy Bar?
	debugger: ...  # (bool) defaults to true

	users:
		# name: password
		johndoe: secret123

		# name, password, role and other data available in the identity
		janedoe:
			password: secret123
			roles: [admin]
			data: ...

You can also define roles and resources to create a basis for an authorizer (Nette\Security\Permission):

security:
	roles:
		guest:
		registered: [guest]  # registered inherits from guest
		admin: [registered]  # and admin inherits from registered

	resources:
		article:
		comment: [article]   # comment inherits from article
		poll:
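
The same role and resource tree, built directly against Nette\Security\Permission to show how inheritance affects isAllowed(). This is an added example, not part of the original documentation; the allow rules, the privilege names (view, add, delete) and the autoload path are assumptions.

```php
<?php
declare(strict_types=1);

// Assumption: nette/security is installed with Composer in this directory.
require __DIR__ . '/vendor/autoload.php';

use Nette\Security\Permission;

$acl = new Permission;

// Roles from the configuration: second argument is the parent role.
$acl->addRole('guest');
$acl->addRole('registered', 'guest');
$acl->addRole('admin', 'registered');

// Resources from the configuration: comment inherits from article.
$acl->addResource('article');
$acl->addResource('comment', 'article');
$acl->addResource('poll');

// Constructed rules for illustration. Nothing is allowed until a rule says so.
$acl->allow('guest', 'article', 'view');      // also reaches comment via resource inheritance
$acl->allow('registered', 'comment', 'add');  // also reaches admin via role inheritance
$acl->allow('admin');                         // every resource, every privilege

// Constructed checks: [role, resource, privilege].
$checks = [
	['guest', 'article', 'view'],
	['guest', 'comment', 'view'],       // rule inherited from the parent resource
	['guest', 'comment', 'add'],        // no rule for guest: falls back to deny
	['registered', 'comment', 'view'],  // role and resource inheritance combined
	['registered', 'poll', 'view'],     // poll has no parent and no rule
	['admin', 'poll', 'delete'],
];

foreach ($checks as [$role, $resource, $privilege]) {
	printf(
		"%-10s %-8s %-6s => %s\n",
		$role,
		$resource,
		$privilege,
		$acl->isAllowed($role, $resource, $privilege) ? 'allowed' : 'denied'
	);
}
```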

User Storage

You can configure how to store information about the logged-in user:

security:
	authentication:
		# after how long of inactivity the user will be logged out
		expiration: 30 minutes        # (string) default is not set

		# where to store information about the logged in user
		storage: session              # (session|cookie) default is session

If you choose cookie as your storage, you can also set the following options:

security:
	authentication:
		# name of the cookie
		cookieName: userId            # (string) default is userid

		# which hosts are allowed to receive the cookie
		cookieDomain: 'example.com'  # (string|domain)

		# restrictions on sending the cookie with cross-origin requests
		cookieSamesite: None          # (Strict|Lax|None) defaults to Lax