search

llTheBlankll / attendance-system-api-springboot

This project is an Attendance System API built using Spring Boot, WebSocket, and JWT Authentication. The system provides a robust solution for tracking and managing attendance records, with support for real-time updates through WebSocket communication. This attendance is based on the education system of the Philippines
GNU General Public License v3.0
5 stars 3 forks source link

Control the Endpoint security #18

Open llTheBlankll opened 3 months ago

llTheBlankll commented 3 months ago 
@Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity security) throws Exception {
        return security
            .csrf(AbstractHttpConfigurer::disable)
            .cors(cors -> cors.configurationSource(corsConfiguration()))
            .authorizeHttpRequests(authorizeRequests ->
                authorizeRequests
                    .requestMatchers("/public/**").permitAll()
                    .anyRequest().permitAll() // Temporarily allow all requests
            )
            .authenticationProvider(authenticationProvider)
            .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
            .build();
    }

Remove the temporary requests

authorizeRequests
    .requestMatchers("/public/**").permitAll()
    .anyRequest().permitAll() // Temporarily allow all requests