1. Long user_id → Authentication authentication

2. SecurityConfig .anyRequest().permitAll();無効する
5 months ago · ddec6a2e23
parent 2e2214c908
commit ddec6a2e23
2 changed files with 6 additions and 2 deletions
--- a/backend/src/main/java/com/example/todoapp/config/SecurityConfig.java
+++ b/backend/src/main/java/com/example/todoapp/config/SecurityConfig.java
@ -5,6 +5,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -49,8 +50,10 @@ public class SecurityConfig {
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeHttpRequests()
-                .requestMatchers("/auth/**").permitAll() // 認証エンドポイントは認証不要
-                .anyRequest().authenticated(); // その他のエンドポイントは認証必要
+                // .requestMatchers("/auth/**").permitAll() // 認証エンドポイントは認証不要
+                // .anyRequest().authenticated()
+            .anyRequest().permitAll();
+                ; // その他のエンドポイントは認証必要

        // JWTフィルターを認証フィルターの前に追加
        http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
--- a/backend/src/main/java/com/example/todoapp/dto/ToBuyResponse.java
+++ b/backend/src/main/java/com/example/todoapp/dto/ToBuyResponse.java
@ -6,6 +6,7 @@ import lombok.Data;
 public class ToBuyResponse {
    private int tobuy_id;
    private Long stuff_id;
+    private String stuff_name;
    private int amount;
    private String shop;
 }