|
|
@@ -18,6 +18,7 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
+import org.springframework.http.HttpMethod;
|
|
|
|
|
|
import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
|
|
|
|
|
|
@@ -51,6 +52,7 @@ public class SecurityConfig {
|
|
|
"/js/**",
|
|
|
"/img/**"
|
|
|
).permitAll()
|
|
|
+ .requestMatchers(HttpMethod.OPTIONS, "/api/users", "/api/authorize", "/api/refresh").permitAll()
|
|
|
.requestMatchers("/api/users", "/api/authorize", "/api/refresh").authenticated()
|
|
|
.anyRequest().authenticated()
|
|
|
)
|
