From d758e655eea6d73afe247879a9e1da15873b41b9 Mon Sep 17 00:00:00 2001
From: Lauro Correia Silveira <lauro.silveira@outlook.com.br>
Date: Wed, 20 Dec 2023 10:10:26 +0100
Subject: [PATCH] Setup Cros configuration to allow between railway and spring
 requests (#85) (#87)

---
 .../infraestructure/security/SecurityConfigurations.java  | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java b/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java
index c025722..632ce86 100644
--- a/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java
+++ b/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java
@@ -39,7 +39,7 @@ public class SecurityConfigurations {
   @Bean
   public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     //disable cross site request forgery
-    return http.csrf(AbstractHttpConfigurer::disable)
+    return http.csrf(csrf -> csrf.ignoringRequestMatchers("/login/**") )
         //Disable Spring control and allow all endpoints
             .sessionManagement(managementConfigurer ->
                     managementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -55,10 +55,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
   }
 
 
-  /**
+/*  *//**
    * Configure Cross
    * @return CorsConfigurationSource
-   */
+   *//*
   @Bean
    public CorsConfigurationSource corsConfigurationSource() {
     CorsConfiguration configuration = new CorsConfiguration();
@@ -68,7 +68,7 @@ public CorsConfigurationSource corsConfigurationSource() {
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     source.registerCorsConfiguration("/**", configuration);
     return source;
-  }
+  }*/
 
 
   /**