updated code for cors

src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java

@@ -2,7 +2,10 @@ package net.gepafin.tendermanagement;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @EnableScheduling
 @SpringBootApplication
@@ -12,6 +15,16 @@ public class TendermanagementApplication {
 		SpringApplication.run(TendermanagementApplication.class, args);
 		System.out.println("Spring Boot started");
 	}
+	
+	@Configuration
+	public class CorsConfig implements WebMvcConfigurer {
+
+		@Override
+		public void addCorsMappings(CorsRegistry registry) {
+			registry.addMapping("/**").allowedOrigins("http://localhost:3000")
+					.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD").allowCredentials(true);
+		}
+	}
 
 }
 

src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java

@@ -39,10 +39,13 @@ import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 public class SecurityConfig {
 
     private final TokenProvider tokenProvider;
+    
+    private final CorsFilter corsFilter;
 
     @Autowired
-    public SecurityConfig(TokenProvider tokenProvider) {
+    public SecurityConfig(TokenProvider tokenProvider, CorsFilter corsFilter) {
         this.tokenProvider = tokenProvider;
+        this.corsFilter = corsFilter;
     }
 
     @Bean
@@ -70,17 +73,17 @@ public class SecurityConfig {
     }
 
 
-    @Bean
-    public CorsConfigurationSource corsConfigurationSource() {
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        CorsConfiguration config = new CorsConfiguration();
-        config.setAllowCredentials(true);
-        config.addAllowedOrigin("http://localhost:3000"); // Change this to your frontend URL
-        config.addAllowedHeader("*");
-        config.addAllowedMethod("*");
-        source.registerCorsConfiguration("/**", config);
-        return source;
-    }
+//    @Bean
+//    public CorsConfigurationSource corsConfigurationSource() {
+//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+//        CorsConfiguration config = new CorsConfiguration();
+//        config.setAllowCredentials(true);
+//        config.addAllowedOrigin("http://localhost:3000"); // Change this to your frontend URL
+//        config.addAllowedHeader("*");
+//        config.addAllowedMethod("*");
+//        source.registerCorsConfiguration("/**", config);
+//        return source;
+//    }
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
@@ -96,7 +99,7 @@ public class SecurityConfig {
                 .sessionManagement(session -> session
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 )
-                .addFilterBefore(new CorsFilter(corsConfigurationSource()), AuthorizationFilter.class)
+                .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
                 .addFilterBefore(new JWTFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
 
         return http.build();