hofix: unactivate auth filter to related API

chock-cho · chock-cho · commit c64d2171004d · 2026-03-08T15:33:31.000+09:00
diff --git a/presentation/src/main/kotlin/com/dobby/api/config/WebSecurityConfig.kt b/presentation/src/main/kotlin/com/dobby/api/config/WebSecurityConfig.kt
@@ -71,14 +71,20 @@ class WebSecurityConfig {
         securityManager: SecurityManager,
         handlerExceptionResolver: HandlerExceptionResolver
     ): SecurityFilterChain = httpSecurity
-        .securityMatcher("/v1/experiment-posts/{postId}/details")
+        .securityMatcher(
+            "/v1/experiment-posts/{postId}/details",
+            "/v1/experiment-posts/{postId}/details/related"
+        )
         .csrf { it.disable() }
         .cors(Customizer.withDefaults())
         .sessionManagement {
             it.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
         }
         .authorizeHttpRequests {
-            it.requestMatchers("/v1/experiment-posts/{postId}/details").permitAll()
+            it.requestMatchers(
+                "/v1/experiment-posts/{postId}/details",
+                "/v1/experiment-posts/{postId}/details/related"
+            ).permitAll()
         }
         .addFilterBefore(
             JwtOptionalAuthenticationFilter(securityManager, handlerExceptionResolver),
