- disable csrf

sympoll · Sep 9, 2024 · e17979a · e17979a
1 parent 363b402
commit e17979a
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/main/java/com/MTAPizza/Sympoll/api_gateway_service/config/SecurityConfigEnabled.java b/src/main/java/com/MTAPizza/Sympoll/api_gateway_service/config/SecurityConfigEnabled.java
@@ -6,6 +6,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
@@ -14,7 +15,9 @@
 public class SecurityConfigEnabled {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
-        return httpSecurity.authorizeHttpRequests(authorize -> authorize
+        return httpSecurity
+        .csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(authorize -> authorize
                         .anyRequest().authenticated())
                 .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
                 .build();