From 681b6a3ba2874bbd5e893353f4d4a9f87a94f398 Mon Sep 17 00:00:00 2001
From: Jose <josamagal@alum.us.es>
Date: Sat, 31 Jan 2026 01:59:51 +0100
Subject: [PATCH] Change: public-authenticated routes in auth controller like
 login, refresh or change-password.

---
 .../net/miarma/backend/core/config/SecurityConfig.java    | 5 ++++-
 .../miarma/backend/core/controller/AuthController.java    | 8 ++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/net/miarma/backend/core/config/SecurityConfig.java b/core/src/main/java/net/miarma/backend/core/config/SecurityConfig.java
index 6921383..5448bc4 100644
--- a/core/src/main/java/net/miarma/backend/core/config/SecurityConfig.java
+++ b/core/src/main/java/net/miarma/backend/core/config/SecurityConfig.java
@@ -64,7 +64,10 @@ public class SecurityConfig {
                 .accessDeniedHandler(accessDeniedHandler)
             )
             .authorizeHttpRequests(auth -> auth
-                .requestMatchers("/auth/**", "/screenshot").permitAll()
+                .requestMatchers("/auth/login").permitAll()
+                .requestMatchers("/auth/refresh").permitAll()
+                .requestMatchers("/auth/change-password").permitAll()
+                .requestMatchers("/screenshot").permitAll()
                 .anyRequest().authenticated()
             );
 
diff --git a/core/src/main/java/net/miarma/backend/core/controller/AuthController.java b/core/src/main/java/net/miarma/backend/core/controller/AuthController.java
index 91c1d53..63dec37 100644
--- a/core/src/main/java/net/miarma/backend/core/controller/AuthController.java
+++ b/core/src/main/java/net/miarma/backend/core/controller/AuthController.java
@@ -41,7 +41,7 @@ public class AuthController {
         return ResponseEntity.ok(authService.register(request));
     }
     
-    @PostMapping("/refresh")
+    @GetMapping("/refresh")
     public ResponseEntity<?> refreshToken(@RequestHeader("Authorization") String authHeader) {
         if (authHeader == null || !authHeader.startsWith("Bearer ")) {
             return ResponseEntity.status(401).body(
@@ -72,9 +72,9 @@ public class AuthController {
         String newToken = jwtService.generateToken(userId, serviceId);
 
         return ResponseEntity.ok(Map.of(
-                "token", newToken,
-                "userId", userId,
-                "serviceId", serviceId
+            "token", newToken,
+            "userId", userId,
+            "serviceId", serviceId
         ));
     }