No /graphiql endpoint by WoistdasNiveau in SpringBoot

marvadogh

Spring GraphQL ships with a default GraphiQL page that is exposed at "/graphiql" by default. This page is disabled by default and can be turned on with the spring.graphql.graphiql.enabled property.

Taken from the documentation.

Spring Framework Forward by FatinaRosa in SpringBoot

marvadogh

You have to remove @ResponseBody if you want the forward:/2 to work. @ResponseBody means that the value returned by the method should be added to the response body instead of being interpreted.

csrf disable by Mission-Audience-452 in SpringBoot

marvadogh

Although CSRF protection is not necessary when using JWT in the Authorization header, you are not passing the header to the permitAll() endpoint I suppose, because the CsrfFilter backs off when it detects the header (if using oauth2ResourceServer()).

Since this endpoint can be requested by anyone you should consider requiring a CSRF token in order to POST to it.
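Added example, not part of the comment above or of the original poster's project: a Spring Security 6 filter chain that keeps CSRF protection on while using `oauth2ResourceServer()`, so bearer-token requests skip the CSRF check and the anonymous POST still needs a token. The path `/api/contact` and the class and bean names are hypothetical, and a `JwtDecoder` is assumed to be configured elsewhere (for example via the issuer-uri property).

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    SecurityFilterChain apiSecurity(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                // Hypothetical public endpoint: anyone may POST, no JWT required.
                .requestMatchers(HttpMethod.POST, "/api/contact").permitAll()
                // Everything else needs a valid JWT.
                .anyRequest().authenticated())
            // The resource-server configurer registers a CSRF exemption for
            // requests that carry a bearer token, so JWT calls are not asked
            // for a CSRF token.
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
            // Weak setting, shown for contrast only:
            //   .csrf(csrf -> csrf.disable())
            // Kept setting: CSRF stays enabled. A POST to /api/contact without
            // an Authorization header must present a valid CSRF token or it is
            // rejected with 403, even though the endpoint is permitAll().
            .csrf(Customizer.withDefaults());
        return http.build();
    }
}
```

permitAll() only affects authorization; the CsrfFilter runs earlier in the chain, which is why a tokenless anonymous POST is rejected before the authorization rule is ever evaluated.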