Major refactoring to include frontend...

config/packages/api_platform.yaml

@@ -7,7 +7,10 @@ api_platform:
             mime_types: ['application/json']
         jsonld:
             mime_types: ['application/ld+json']
+        html:
+            mime_types: ['text/html']
     defaults:
-        stateless: true
+        stateless: false
         cache_headers:
             vary: ['Content-Type', 'Authorization', 'Origin']
+

config/packages/asset_mapper.yaml

@@ -0,0 +1,11 @@
+framework:
+    asset_mapper:
+        # The paths to make available to the asset mapper.
+        paths:
+            - assets/
+        missing_import_mode: ignore
+
+when@prod:
+    framework:
+        asset_mapper:
+            missing_import_mode: warn

config/packages/security.yaml

@@ -14,12 +14,19 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
         main:
+            form_login:
+                login_path: app_login
+                check_path: app_login
+                enable_csrf: true
+            logout:
+                path: /logout
+                target: app_login
             lazy: true
             provider: app_user_provider
-            json_login:
-                check_path: app_login
-                username_path: username
-                password_path: password
+            #json_login:
+            #    check_path: app_login
+            #    username_path: username
+            #    password_path: password
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#the-firewall
@@ -30,6 +37,8 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
+        - { path: ^/$, roles: ROLE_USER }
+        - { path: ^/api, roles: ROLE_USER }
         # - { path: ^/admin, roles: ROLE_ADMIN }
         # - { path: ^/profile, roles: ROLE_USER }