Updated packages and added CSRF ignore

2024-04-01 21:27:30 +02:00
parent 4e43df8075
commit 80610b774a
3 changed files with 23 additions and 56 deletions
--- a/src/main/java/de/w665/sharepulse/config/SecurityConfig.java
+++ b/src/main/java/de/w665/sharepulse/config/SecurityConfig.java
@ -23,6 +23,9 @@ public class SecurityConfig {
                        .permitAll()
                )
                .logout(LogoutConfigurer::permitAll)
+                .csrf(csrf -> csrf
+                        .ignoringRequestMatchers("/api/v1/**") // Disable CSRF for /api/**
+                )
                .rememberMe(Customizer.withDefaults());
        return http.build();
    }