Changeset ac41d70 for ReserveNGo-backend/src/main
- Timestamp:
- 01/28/25 04:42:09 (3 months ago)
- Branches:
- master
- Children:
- 48e50b4, e2a84e9
- Parents:
- 0f3afae
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
ReserveNGo-backend/src/main/java/mk/ukim/finki/it/reservengo/config/WebSecurityConfig.java
r0f3afae rac41d70 4 4 import org.springframework.context.annotation.Bean; 5 5 import org.springframework.context.annotation.Configuration; 6 import org.springframework.http.HttpMethod; 6 7 import org.springframework.lang.NonNull; 7 8 import org.springframework.security.authentication.AuthenticationProvider; … … 37 38 .frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)) 38 39 .authorizeHttpRequests((requests) -> requests 40 .requestMatchers(HttpMethod.OPTIONS,"/**").permitAll() 39 41 .requestMatchers( 40 " /api/**",42 "api/auth/**", 41 43 "/h2/**", 42 "/favicon.ico") 44 "/favicon.ico", 45 "/api/locals/**") 43 46 .permitAll() 47 .requestMatchers("/api/customer/**").hasRole("CUSTOMER") 48 .requestMatchers("/api/admin/**").hasRole("ADMIN") 44 49 .anyRequest() 45 50 .authenticated() … … 61 66 registry.addMapping("/api/**") 62 67 .allowedOrigins("http://localhost:5173") 63 .allowedMethods(" GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH", "HEAD")68 .allowedMethods("*") 64 69 .allowedHeaders("*") 65 70 .allowCredentials(true); … … 67 72 }; 68 73 } 69 70 74 }
Note:
See TracChangeset
for help on using the changeset viewer.