diff --git a/src/main/java/com/ericbouchut/learndev/common/config/SecurityConfig.java b/src/main/java/com/ericbouchut/learndev/common/config/SecurityConfig.java index b3e0a48..a32aefe 100644 --- a/src/main/java/com/ericbouchut/learndev/common/config/SecurityConfig.java +++ b/src/main/java/com/ericbouchut/learndev/common/config/SecurityConfig.java @@ -21,7 +21,7 @@ public PasswordEncoder passwordEncoder() { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http .authorizeHttpRequests(auth -> auth - .requestMatchers("/", "/auth/**", "/css/**", "/js/**").permitAll() + .requestMatchers("/", "/privacy", "/auth/**", "/css/**", "/js/**").permitAll() .anyRequest().authenticated()) .formLogin(form -> form .loginPage("/auth/login") // GET: show the login form diff --git a/src/main/java/com/ericbouchut/learndev/legal/LegalController.java b/src/main/java/com/ericbouchut/learndev/legal/LegalController.java new file mode 100644 index 0000000..c7e2652 --- /dev/null +++ b/src/main/java/com/ericbouchut/learndev/legal/LegalController.java @@ -0,0 +1,23 @@ +package com.ericbouchut.learndev.legal; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; + +/** + * Web endpoints for the legal pages. + * Currently the privacy policy (GDPR information duty, art. 13); + * future legal pages (terms of use, legal notice) belong here too. + */ +@Controller +public class LegalController { + + /** + * Display the privacy policy page (in French, the language of the + * supervisory framework this policy addresses). + * @return the name of the Thymeleaf template for the privacy policy + */ + @GetMapping("/privacy") + public String privacy() { + return "privacy"; + } +} diff --git a/src/main/resources/templates/home.html b/src/main/resources/templates/home.html index aefeee0..0b789ec 100644 --- a/src/main/resources/templates/home.html +++ b/src/main/resources/templates/home.html @@ -9,6 +9,7 @@