| | |
|---|
| | | .csrf(csrf -> csrf.disable()) |
|---|
| | | .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) |
|---|
| | | .authorizeHttpRequests(auth -> auth |
|---|
| | | .requestMatchers("/api/auth/**", "/api/actuator/**", "/api/test/**", "/api/cleanup/**").permitAll() |
|---|
| | | .requestMatchers("/api/graphql", "/api/graphql/**", "/api/graphiql").permitAll() |
|---|
| | | .requestMatchers("/graphql", "/graphql/**").permitAll() |
|---|
| | | .requestMatchers("/auth/**", "/actuator/**", "/test/**", "/cleanup/**").permitAll() |
|---|
| | | .requestMatchers("/upload/**").permitAll() |
|---|
| | | .requestMatchers("/graphql", "/graphql/**", "/graphiql").permitAll() |
|---|
| | | .anyRequest().authenticated() |
|---|
| | | ) |
|---|
| | | .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); |
|---|
