Update SecurityConfiguration.java

Author: SebastianLopezO

src/main/java/app/smartpot/api/security/config/SecurityConfiguration.java

@@ -65,14 +65,18 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSec) throws Exce
         }
 
         return httpSec
-                .csrf(AbstractHttpConfigurer::disable)
+                .csrf(csrf -> csrf
+                        // Ignorar CSRF para todas las rutas de API REST que usan autenticación JWT
+                        // CSRF no es necesario ni apropiado para APIs stateless con tokens en headers
+                        .ignoringRequestMatchers("/**")
+                )
                 .cors(cors -> cors.configurationSource(corsConfig))
                 .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
                     authorizationManagerRequestMatcherRegistry.requestMatchers(org.springframework.http.HttpMethod.OPTIONS).permitAll();
                     authorizationManagerRequestMatcherRegistry.requestMatchers(publicRoutesList.toArray(new String[0])).permitAll();
                     authorizationManagerRequestMatcherRegistry.anyRequest().authenticated();
                 })
-                .httpBasic(AbstractHttpConfigurer::disable)
+                .httpBasic(Customizer.withDefaults())
                 .formLogin(AbstractHttpConfigurer::disable)
                 .sessionManagement(httpSecuritySessionManagementConfigurer -> httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)