Max665/biblenotes-java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update SecurityConfig.java

Browse Source
This commit is contained in:
Max W. 2024-09-09 00:36:52 +02:00
parent ba239764bf
commit 2e0c93a400
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/de/w665/biblenotes/config/SecurityConfig.java
View File

@ -33,15 +33,13 @@ public class SecurityConfig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// TODO: Fix security config for this project (currently old state from sharepulse)
http
.csrf(csrf -> csrf.ignoringRequestMatchers("/api/v1/**")) // Disable CSRF for API routes
.sessionManagement(sessionManagement -> sessionManagement
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // No session will be created by Spring Security
)
.authorizeHttpRequests(authorize -> authorize
.requestMatchers("/api/v1/secure/**").authenticated() // Secure these endpoints
.requestMatchers("/api/v1/**").authenticated() // Secure all /api/v1/** routes
.anyRequest().permitAll() // All other requests are allowed without authentication
)
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) // Apply JWT filter