fixed auth on static files

backend/flea-market-manager-controller/src/main/java/cz/fi/muni/pa165/flea/market/manager/config/SecurityConfig.java

@@ -10,6 +10,7 @@ import org.springframework.security.authentication.AuthenticationCredentialsNotF
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
@@ -20,10 +21,7 @@ import org.springframework.web.filter.CorsFilter;
 
 import java.util.Optional;
 
-import static cz.fi.muni.pa165.flea.market.manager.config.PathsConfig.MARKET_EVENT;
-import static cz.fi.muni.pa165.flea.market.manager.config.PathsConfig.SESSION;
-import static cz.fi.muni.pa165.flea.market.manager.config.PathsConfig.STAND;
-import static cz.fi.muni.pa165.flea.market.manager.config.PathsConfig.USER;
+import static cz.fi.muni.pa165.flea.market.manager.config.PathsConfig.*;
 
 /**
  * Security configuration for the app
@@ -63,7 +61,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .antMatchers(HttpMethod.GET, API_DOCS).permitAll()
                 .antMatchers(HttpMethod.GET, MARKET_EVENT + "/list").permitAll()
                 .antMatchers(HttpMethod.GET, STAND).permitAll()
-                .anyRequest().authenticated()
+                .antMatchers(REST_ROOT).authenticated()
                 .and()
                 .addFilterBefore(authFilter, UsernamePasswordAuthenticationFilter.class);
     }