Setup Cros configuration to allow between railway and spring requests (…

…#85) (#87)
LauroSilveira · Dec 20, 2023 · d758e65 · d758e65
1 parent 59fc28d
commit d758e65
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java b/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java
@@ -39,7 +39,7 @@ public class SecurityConfigurations {
   @Bean
   public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     //disable cross site request forgery
-    return http.csrf(AbstractHttpConfigurer::disable)
+    return http.csrf(csrf -> csrf.ignoringRequestMatchers("/login/**") )
         //Disable Spring control and allow all endpoints
             .sessionManagement(managementConfigurer ->
                     managementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -55,10 +55,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
   }
 
 
-  /**
+/*  *//**
    * Configure Cross
    * @return CorsConfigurationSource
-   */
+   *//*
   @Bean
    public CorsConfigurationSource corsConfigurationSource() {
     CorsConfiguration configuration = new CorsConfiguration();
@@ -68,7 +68,7 @@ public CorsConfigurationSource corsConfigurationSource() {
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     source.registerCorsConfiguration("/**", configuration);
     return source;
-  }
+  }*/
 
 
   /**