new-ryc.git - Gitblit

			@@ -14,6 +14,7 @@
			import org.springframework.security.crypto.password.PasswordEncoder;
			import org.springframework.security.web.SecurityFilterChain;
			import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
			import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
			import org.springframework.web.cors.CorsConfiguration;
			import org.springframework.web.cors.CorsConfigurationSource;
			import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
			@@ -48,9 +49,22 @@
			.csrf(csrf -> csrf.disable())
			.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
			.authorizeHttpRequests(auth -> auth
			.requestMatchers("/api/auth/", "/api/actuator/", "/api/test/", "/api/cleanup/").permitAll()
			.requestMatchers("/api/graphql", "/api/graphql/**", "/api/graphiql").permitAll()
			.requestMatchers("/graphql", "/graphql/**").permitAll()
			.requestMatchers(
			new AntPathRequestMatcher("/auth/**"),
			new AntPathRequestMatcher("/api/auth/**"),
			new AntPathRequestMatcher("/actuator/**"),
			new AntPathRequestMatcher("/test/**"),
			new AntPathRequestMatcher("/cleanup/**"),
			new AntPathRequestMatcher("/api/health/**"),
			new AntPathRequestMatcher("/upload/**"),
			new AntPathRequestMatcher("/api/upload/**"),
			new AntPathRequestMatcher("/graphiql/**"),
			new AntPathRequestMatcher("/graphql/**"),
			new AntPathRequestMatcher("/api/graphql/**"),
			new AntPathRequestMatcher("/api/graphiql/**"),
			new AntPathRequestMatcher("/player/export/applications"),
			new AntPathRequestMatcher("/api/player/export/applications")
			).permitAll()
			.anyRequest().authenticated()
			)
			.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);