notkshitij/SkycrateBackend
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Removed deprecated CORS errors

Browse Source
This commit is contained in:
vedang29
2025-04-15 02:41:21 +05:30
parent bf6c93efd5
commit 293b73cf2a
1 changed files with 34 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/java/com/skycrate/backend/skycrateBackend/config/SecurityConfiguration.java
+34 -16
View File
@@ -28,27 +28,45 @@ public class SecurityConfiguration {
this.jwtAuthenticationFilter = jwtAuthenticationFilter; this.jwtAuthenticationFilter = jwtAuthenticationFilter;
} }
// @Bean
// public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
// http.csrf()
// .disable()
// .authorizeHttpRequests()
// .requestMatchers("/api/hdfs/**") // Specific API endpoints that don't require authentication
// .permitAll()
// .requestMatchers("/api/**") // Other endpoints that should be open
// .permitAll()
// .anyRequest()
// .authenticated() // All other requests require authentication
// .and()
// .sessionManagement()
// .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
// .and()
// .authenticationProvider(authenticationProvider)
// .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
//
// return http.build();
// }
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf() return http
.disable() .securityMatcher("/**")
.authorizeHttpRequests() .authorizeHttpRequests(auth -> auth
.requestMatchers("/api/hdfs/**") // Specific API endpoints that don't require authentication .requestMatchers("/api/hdfs/**", "/api/**").permitAll()
.permitAll() .anyRequest().authenticated()
.requestMatchers("/api/**") // Other endpoints that should be open )
.permitAll() .sessionManagement(session -> session
.anyRequest() .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.authenticated() // All other requests require authentication )
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authenticationProvider(authenticationProvider) .authenticationProvider(authenticationProvider)
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
.csrf(csrf -> csrf.disable())
return http.build(); .build();
} }
// @Bean // @Bean
// CorsConfigurationSource corsConfigurationSource() { // CorsConfigurationSource corsConfigurationSource() {
// CorsConfiguration configuration = new CorsConfiguration(); // CorsConfiguration configuration = new CorsConfiguration();