#1 Fix getting app logo and icon returning HTTP 403

.drone.yml

@@ -1,6 +1,6 @@
 ---
 global-variables:
-  release: &release ${DRONE_BRANCH##/**}
+  release: &release ${DRONE_BRANCH##**/}
   environment: &environment
     JAVA_VERSION: 11
     GRADLE_VERSION: 7.1
@@ -52,7 +52,6 @@ steps:
         - GRADLE_VERSION
         - JAVA_VERSION
         - CRE_VERSION
-        - CRE_PORT
       repo: *docker-registry-repo
     when:
       branch: develop
@@ -65,9 +64,8 @@ steps:
       build_args_from_env:
         - GRADLE_VERSION
         - JAVA_VERSION
-        - CRE_PORT
-      build-args:
-        CRE_VERSION: *release
+      build_args:
+        - CRE_VERSION=${DRONE_BRANCH##**/}
       repo: *docker-registry-repo
     when:
       branch: release/**
@@ -85,7 +83,7 @@ steps:
         from_secret: deploy_server_ssh_port
       DEPLOY_SERVER_SSH_KEY:
         from_secret: deploy_server_ssh_key
-      DEPLOY_CONTAINER_NAME: cre_backend-${DRONE_BRANCH}
+      DEPLOY_CONTAINER_NAME: cre_backend
       DEPLOY_SPRING_PROFILES: mysql,rest
       DEPLOY_DATA_VOLUME: /var/cre/data
       DEPLOY_CONFIG_VOLUME: /var/cre/config

src/main/kotlin/dev/fyloz/colorrecipesexplorer/config/security/SecurityConfig.kt

@@ -8,7 +8,10 @@ import dev.fyloz.colorrecipesexplorer.service.CreUserDetailsService
 import dev.fyloz.colorrecipesexplorer.service.UserService
 import org.slf4j.Logger
 import org.springframework.boot.context.properties.EnableConfigurationProperties
-import org.springframework.context.annotation.*
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.context.annotation.Lazy
+import org.springframework.context.annotation.Profile
 import org.springframework.core.env.Environment
 import org.springframework.http.HttpMethod
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
@@ -99,11 +102,9 @@ class SecurityConfig(
             .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 
         if (!debugMode) {
-            http.authorizeRequests()
-                .antMatchers("/api/login").permitAll()
-                .antMatchers("/api/logout").fullyAuthenticated()
-                .antMatchers("/api/user/current").fullyAuthenticated()
-                .anyRequest().fullyAuthenticated()
+            http
+                .authorizeRequests()
+                .anyRequest().permitAll()
         } else {
             http
                 .cors()

src/main/kotlin/dev/fyloz/colorrecipesexplorer/rest/AccountControllers.kt

@@ -32,6 +32,7 @@ class UserController(private val userService: UserService) {
         ok(userService.getByIdForOutput(id))
 
     @GetMapping("current")
+    @PreAuthorize("isFullyAuthenticated()")
     fun getCurrent(loggedInUser: Principal?) =
         if (loggedInUser != null)
             ok(
@@ -161,6 +162,7 @@ class GroupsController(
 @Profile("!emergency")
 class LogoutController(private val userService: UserService) {
     @GetMapping("logout")
+    @PreAuthorize("isFullyAuthenticated()")
     fun logout(request: HttpServletRequest) =
         ok {
             userService.logout(request)