diff --git a/src/main/java/ru/nsu/fit/directors/userservice/configuration/SecurityConfiguration.java b/src/main/java/ru/nsu/fit/directors/userservice/configuration/SecurityConfiguration.java index a6598c1..7795f38 100644 --- a/src/main/java/ru/nsu/fit/directors/userservice/configuration/SecurityConfiguration.java +++ b/src/main/java/ru/nsu/fit/directors/userservice/configuration/SecurityConfiguration.java @@ -17,7 +17,13 @@ public class SecurityConfiguration { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { return http.csrf(AbstractHttpConfigurer::disable) .authorizeHttpRequests(matcher -> matcher - .requestMatchers("/user/login", "/user/register", "/user/swagger-ui/**", "/user/api-docs/**") + .requestMatchers( + "/user/login", + "/user/register", + "/user/swagger-ui/**", + "/user/api-docs/**", + "/user/code" + ) .permitAll() .anyRequest() .authenticated() @@ -25,7 +31,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .build(); } - @Bean public WebSecurityCustomizer webSecurityCustomizer() { return web -> { diff --git a/src/main/java/ru/nsu/fit/directors/userservice/controller/CodeController.java b/src/main/java/ru/nsu/fit/directors/userservice/controller/CodeController.java index 056fedc..ad26635 100644 --- a/src/main/java/ru/nsu/fit/directors/userservice/controller/CodeController.java +++ b/src/main/java/ru/nsu/fit/directors/userservice/controller/CodeController.java @@ -1,6 +1,5 @@ package ru.nsu.fit.directors.userservice.controller; -import lombok.AccessLevel; import lombok.RequiredArgsConstructor; import org.springframework.http.MediaType; import org.springframework.web.bind.annotation.CrossOrigin; @@ -19,7 +18,7 @@ */ @RestController @RequestMapping(value = "/user/code", produces = MediaType.APPLICATION_JSON_VALUE) -@RequiredArgsConstructor(access = AccessLevel.PUBLIC) +@RequiredArgsConstructor @CrossOrigin(allowCredentials = "true", originPatterns = {"*"}) public class CodeController { private final CodeService codeService;