♻️ refactor: binding POST request urls related to item in WebSecurity…

…Config
depromeet · Jul 10, 2023 · 6548548 · 6548548
1 parent abe9f34
commit 6548548
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java b/backend/streetdrop-api/src/main/java/com/depromeet/security/config/WebSecurityConfig.java
@@ -14,8 +14,6 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
-import static org.springframework.http.HttpMethod.POST;
-
 @Configuration
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -31,11 +29,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .and().csrf().disable()
                 .authorizeHttpRequests()
                 .requestMatchers("/users/*").authenticated()
-                .requestMatchers(HttpMethod.POST, "/items").authenticated()
+                .requestMatchers(HttpMethod.POST, "/items/*").authenticated()
                 .requestMatchers(HttpMethod.PATCH, "/items/*").authenticated()
                 .requestMatchers(HttpMethod.DELETE, "/items/*").authenticated()
-                .requestMatchers("/items/*/likes", "/items/*/unlikes").authenticated()
-                .requestMatchers(POST, "items/claim").authenticated()
                 .anyRequest().permitAll().and()
                 .anonymous().and()
                 .formLogin().disable()