origins in ws

StackTheCode · StackTheCode · commit e2d783f8eb51 · 2026-02-27T15:54:50.000Z
diff --git a/backend/src/main/java/com/rk/postguard/config/SecurityConfig.java b/backend/src/main/java/com/rk/postguard/config/SecurityConfig.java
@@ -23,7 +23,7 @@
 @EnableWebSecurity
 @RequiredArgsConstructor
 public class SecurityConfig {
-    @Value("${spring.cors.allowed-origins}")
+    @Value("${CORS_ALLOWED_ORIGINS}")
     private List<String> allowedOrigins;
 
 
@@ -37,7 +37,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http, CorsConfigurat
                 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers("/api/v1/auth/**","/api/v1/users/**","/api/v1/analytics/**","/ping","/health","/actuator/**" ,"/ws/**").permitAll()
-//                        .requestMatchers(HttpMethod.DELETE, ).authenticated()
                         .anyRequest().authenticated()
                 )
         .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
diff --git a/backend/src/main/java/com/rk/postguard/config/WebSocketConfig.java b/backend/src/main/java/com/rk/postguard/config/WebSocketConfig.java
@@ -2,19 +2,23 @@
 
 import com.rk.postguard.Interceptors.WebSocketAuthInterceptor;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.messaging.simp.config.ChannelRegistration;
 import org.springframework.messaging.simp.config.MessageBrokerRegistry;
 import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
 
+import java.util.List;
+
 @Configuration
 @EnableWebSocketMessageBroker
 @RequiredArgsConstructor
 public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
     private final WebSocketAuthInterceptor webSocketAuthInterceptor;
-
+    @Value("${WS_ALLOWED_ORIGINS}")
+    private List<String> allowedOrigins;
     @Override
     public void configureMessageBroker(MessageBrokerRegistry config){
         config.enableSimpleBroker("/topic", "/queue");
@@ -24,7 +28,7 @@ public void configureMessageBroker(MessageBrokerRegistry config){
     @Override
     public void registerStompEndpoints(StompEndpointRegistry registry) {
         registry.addEndpoint("/ws")
-                .setAllowedOrigins("http://localhost:3000", "http://localhost:5173")
+                .setAllowedOrigins(String.valueOf(allowedOrigins))
         .withSockJS();
 
     }
