Closed github-actions[bot] closed 2 years ago
Spring security handles secure login via WebSecurityConfig.configure
- a login controller is uneeded.
Will have to provide links to frontend logon via configure
protected void configure(HttpSecurity http) throws Exception {
// TODO handle login and auth requests through front-end webpages
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/api/v*/register/**").anonymous() // Difference between anonymous & permit all?
.antMatchers("/api/v*/login/**").permitAll()
.anyRequest()
.authenticated().and()
.formLogin();
}
https://github.com/StruckCroissant/Game-DB/blob/47fc0a8bae7c40a608babb563fce742f9cb8e636/api/main/java/com/StruckCroissant/GameDB/login/LoginController.java#L4