byte/expensetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed JWT Role assignment and method access

Browse Source
This commit is contained in:
DmitriiCravcenco
2023-10-05 22:25:05 +03:00
parent a6ed3794fe
commit 7f6a0c1f92
5 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/faf223/expensetrackerfaf/config/SecurityConfiguration.java
View File

@@ -24,7 +24,7 @@ public class SecurityConfiguration {
.csrf(csrf -> csrf.disable())
.authorizeHttpRequests(auth -> auth
.requestMatchers("/api/v1/auth/**").permitAll()
.requestMatchers("/encomes").hasRole("ADMIN")
.requestMatchers("/expenses").hasRole("ADMIN")
.anyRequest().authenticated()
)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))