npm - kybernus - Versions diffs - 3.0.1 → 3.2.0 - Mend

kybernus 3.0.1 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (392) hide show

package/templates/ecommerce/package.json ADDED Viewed

@@ -0,0 +1,27 @@
+{
+  "name": "ecommerce",
+  "version": "1.0.0",
+  "private": true,
+  "workspaces": [
+    "apps/*",
+    "packages/*"
+  ],
+  "scripts": {
+    "dev:api": "npm run dev --workspace=apps/api",
+    "dev:web": "npm run dev --workspace=apps/web",
+    "test": "npm run test --workspaces --if-present",
+    "test:api": "npm run test --workspace=apps/api",
+    "test:web": "npm run test --workspace=apps/web",
+    "test:coverage": "npm run test:coverage --workspaces --if-present",
+    "build": "npm run build --workspaces --if-present",
+    "lint": "npm run lint --workspaces --if-present",
+    "format": "prettier --write \"**/*.{ts,tsx,json,md}\" --ignore-path .gitignore",
+    "db:migrate": "npm run db:migrate --workspace=apps/api",
+    "db:seed": "npm run db:seed --workspace=apps/api",
+    "db:studio": "npm run db:studio --workspace=apps/api",
+    "db:reset": "npm run db:reset --workspace=apps/api"
+  },
+  "devDependencies": {
+    "prettier": "^3.4.2"
+  }
+}

package/templates/ecommerce/packages/shared-types/package.json ADDED Viewed

@@ -0,0 +1,13 @@
+{
+  "name": "@ecommerce/shared-types",
+  "version": "1.0.0",
+  "private": true,
+  "main": "src/index.ts",
+  "types": "src/index.ts",
+  "scripts": {
+    "build": "tsc"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.3"
+  }
+}

package/templates/ecommerce/packages/shared-types/src/index.ts ADDED Viewed

@@ -0,0 +1,3 @@
+// Shared DTOs and types between API and Web.
+// Grows as each phase is implemented.
+export * from './theme';

package/templates/ecommerce/packages/shared-types/src/theme.ts ADDED Viewed

@@ -0,0 +1,44 @@
+export interface ThemeColors {
+  primary: string;
+  secondary: string;
+  accent: string;
+  background: string;
+  surface: string;
+  error: string;
+  text: string;
+  textMuted: string;
+}
+export interface ThemeTypography {
+  fontFamily: string;
+  fontSize: {
+    xs: string;
+    sm: string;
+    base: string;
+    lg: string;
+    xl: string;
+    '2xl': string;
+    '3xl': string;
+  };
+}
+export interface ThemeBorderRadius {
+  sm: string;
+  md: string;
+  lg: string;
+  full: string;
+}
+export interface ThemeLogo {
+  src: string;
+  alt: string;
+  width: number;
+}
+export interface ThemeConfig {
+  storeName: string;
+  colors: ThemeColors;
+  typography: ThemeTypography;
+  borderRadius: ThemeBorderRadius;
+  logo: ThemeLogo;
+}

package/templates/ecommerce/packages/shared-types/tsconfig.json ADDED Viewed

@@ -0,0 +1,11 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "module": "commonjs",
+    "moduleResolution": "node"
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
+}

package/templates/ecommerce/scripts/customize.sh ADDED Viewed

@@ -0,0 +1,201 @@
+#!/usr/bin/env bash
+# =============================================================================
+#  customize.sh — Personalizador white-label do template de e-commerce
+# =============================================================================
+#  Uso: bash scripts/customize.sh
+#  Execute na raiz do projeto após clonar o repositório.
+# =============================================================================
+set -euo pipefail
+# ── helpers ────────────────────────────────────────────────────────────────────
+BOLD='\033[1m'
+GREEN='\033[0;32m'
+CYAN='\033[0;36m'
+YELLOW='\033[1;33m'
+RED='\033[0;31m'
+RESET='\033[0m'
+info()    { echo -e "${CYAN}ℹ  $*${RESET}"; }
+success() { echo -e "${GREEN}✔  $*${RESET}"; }
+warn()    { echo -e "${YELLOW}⚠  $*${RESET}"; }
+error()   { echo -e "${RED}✖  $*${RESET}" >&2; }
+REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+SITE_CONFIG="$REPO_ROOT/apps/web/src/shared/config/siteConfig.ts"
+TOKENS_FILE="$REPO_ROOT/apps/web/src/shared/theme/tokens.ts"
+# ── check files exist ──────────────────────────────────────────────────────────
+for f in "$SITE_CONFIG" "$TOKENS_FILE"; do
+  if [[ ! -f "$f" ]]; then
+    error "Arquivo não encontrado: $f"
+    error "Execute este script na raiz do projeto."
+    exit 1
+  fi
+done
+# ── portable sed-in-place ──────────────────────────────────────────────────────
+# macOS usa `sed -i ''`, Linux usa `sed -i`
+sedi() {
+  if [[ "$(uname)" == "Darwin" ]]; then
+    LC_ALL=C sed -i '' "$@"
+  else
+    LC_ALL=C sed -i "$@"
+  fi
+}
+# ── banner ─────────────────────────────────────────────────────────────────────
+echo ""
+echo -e "${BOLD}╔══════════════════════════════════════════════════════╗${RESET}"
+echo -e "${BOLD}║       Personalizador de Loja — White-Label Setup      ║${RESET}"
+echo -e "${BOLD}╚══════════════════════════════════════════════════════╝${RESET}"
+echo ""
+info "Este script irá atualizar as configurações da sua loja."
+info "Pressione ENTER para manter o valor atual (mostrado entre colchetes)."
+echo ""
+# ── prompt helpers ─────────────────────────────────────────────────────────────
+ask() {
+  local prompt="$1"
+  local default="$2"
+  local var_name="$3"
+  echo -en "${BOLD}${prompt}${RESET} [${default}]: "
+  read -r input
+  if [[ -z "$input" ]]; then
+    eval "$var_name=\"\$default\""
+  else
+    eval "$var_name=\"\$input\""
+  fi
+}
+validate_hex_color() {
+  local color="$1"
+  if [[ ! "$color" =~ ^#[0-9A-Fa-f]{6}$ ]]; then
+    error "'$color' não é uma cor hex válida. Use o formato #RRGGBB (ex: #6366F1)"
+    return 1
+  fi
+  return 0
+}
+validate_cnpj() {
+  local cnpj="$1"
+  # Aceita formato XX.XXX.XXX/XXXX-XX ou sem formatação
+  if [[ ! "$cnpj" =~ ^[0-9]{2}\.[0-9]{3}\.[0-9]{3}/[0-9]{4}-[0-9]{2}$ ]] && \
+     [[ ! "$cnpj" =~ ^[0-9]{14}$ ]]; then
+    warn "CNPJ '$cnpj' não está no formato padrão (XX.XXX.XXX/XXXX-XX)."
+    warn "Continuando mesmo assim — você pode corrigir manualmente depois."
+  fi
+}
+# ── coleta de dados ────────────────────────────────────────────────────────────
+echo -e "${BOLD}── Informações da loja ─────────────────────────────────${RESET}"
+echo ""
+ask "Nome da loja" "Minha Loja" STORE_NAME
+ask "Razão social (para documentos legais)" "Minha Loja LTDA" COMPANY_NAME
+echo -en "${BOLD}CNPJ${RESET} [00.000.000/0001-00]: "
+read -r CNPJ_INPUT
+if [[ -z "$CNPJ_INPUT" ]]; then
+  CNPJ="00.000.000/0001-00"
+else
+  CNPJ="$CNPJ_INPUT"
+  validate_cnpj "$CNPJ"
+fi
+ask "Endereço comercial" "Rua Exemplo, 123 — São Paulo, SP, CEP 01000-000" COMPANY_ADDRESS
+echo ""
+echo -e "${BOLD}── Contato ─────────────────────────────────────────────${RESET}"
+echo ""
+ask "E-mail de suporte" "suporte@minhaloja.com.br" SUPPORT_EMAIL
+ask "E-mail de privacidade" "privacidade@minhaloja.com.br" PRIVACY_EMAIL
+ask "URL da loja" "https://minhaloja.com.br" STORE_URL
+echo ""
+echo -e "${BOLD}── Identidade visual ────────────────────────────────────${RESET}"
+echo ""
+# Cor primária com validação
+while true; do
+  ask "Cor primária (hex, ex: #6366F1)" "#6366F1" PRIMARY_COLOR
+  if validate_hex_color "$PRIMARY_COLOR"; then
+    break
+  fi
+done
+# ── resumo ─────────────────────────────────────────────────────────────────────
+echo ""
+echo -e "${BOLD}╔══════════════════════════════════════════════════════╗${RESET}"
+echo -e "${BOLD}║                   Resumo das alterações               ║${RESET}"
+echo -e "${BOLD}╚══════════════════════════════════════════════════════╝${RESET}"
+echo ""
+echo -e "  Nome da loja   : ${CYAN}${STORE_NAME}${RESET}"
+echo -e "  Razão social   : ${CYAN}${COMPANY_NAME}${RESET}"
+echo -e "  CNPJ           : ${CYAN}${CNPJ}${RESET}"
+echo -e "  Endereço       : ${CYAN}${COMPANY_ADDRESS}${RESET}"
+echo -e "  E-mail suporte : ${CYAN}${SUPPORT_EMAIL}${RESET}"
+echo -e "  E-mail privac. : ${CYAN}${PRIVACY_EMAIL}${RESET}"
+echo -e "  URL            : ${CYAN}${STORE_URL}${RESET}"
+echo -e "  Cor primária   : ${CYAN}${PRIMARY_COLOR}${RESET}"
+echo ""
+echo -en "${BOLD}Aplicar estas configurações? [S/n]: ${RESET}"
+read -r CONFIRM
+if [[ "$CONFIRM" =~ ^[Nn]$ ]]; then
+  warn "Operação cancelada. Nenhum arquivo foi modificado."
+  exit 0
+fi
+# ── apply changes ──────────────────────────────────────────────────────────────
+echo ""
+info "Aplicando alterações…"
+# ---------- siteConfig.ts ----------
+# name
+sedi "s|name: '.*',$|name: '${STORE_NAME}',|" "$SITE_CONFIG"
+# tagline (preserve original — usuário pode editar depois)
+# url
+sedi "s|url: '.*',$|url: '${STORE_URL}',|" "$SITE_CONFIG"
+# supportEmail
+sedi "s|supportEmail: '.*',$|supportEmail: '${SUPPORT_EMAIL}',|" "$SITE_CONFIG"
+# privacyEmail
+sedi "s|privacyEmail: '.*',$|privacyEmail: '${PRIVACY_EMAIL}',|" "$SITE_CONFIG"
+# companyName
+sedi "s|companyName: '.*',$|companyName: '${COMPANY_NAME}',|" "$SITE_CONFIG"
+# cnpj
+sedi "s|cnpj: '.*',$|cnpj: '${CNPJ}',|" "$SITE_CONFIG"
+# address
+sedi "s|address: '.*',$|address: '${COMPANY_ADDRESS}',|" "$SITE_CONFIG"
+success "siteConfig.ts atualizado"
+# ---------- tokens.ts ----------
+# storeName
+sedi "s|storeName: '.*',$|storeName: '${STORE_NAME}',|" "$TOKENS_FILE"
+# primary color
+sedi "s|primary: '#[0-9A-Fa-f]\{6\}',$|primary: '${PRIMARY_COLOR}',|" "$TOKENS_FILE"
+success "tokens.ts atualizado"
+# ── done ───────────────────────────────────────────────────────────────────────
+echo ""
+echo -e "${BOLD}${GREEN}╔══════════════════════════════════════════════════════╗${RESET}"
+echo -e "${BOLD}${GREEN}║           Personalização concluída com sucesso!       ║${RESET}"
+echo -e "${BOLD}${GREEN}╚══════════════════════════════════════════════════════╝${RESET}"
+echo ""
+echo -e "  Arquivos atualizados:"
+echo -e "    - apps/web/src/shared/config/siteConfig.ts"
+echo -e "    - apps/web/src/shared/theme/tokens.ts"
+echo ""
+echo -e "  Próximos passos:"
+echo -e "    1. Atualize os arquivos ${BOLD}.env${RESET} com as suas chaves (Stripe, SMTP, etc.)"
+echo -e "    2. Execute ${CYAN}npm run dev${RESET} para iniciar o ambiente"
+echo -e "    3. Acesse ${CYAN}http://localhost:5173${RESET} para visualizar a loja"
+echo ""

package/templates/ecommerce/tsconfig.json ADDED Viewed

@@ -0,0 +1,14 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "lib": ["ES2022"],
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true
+  }
+}

package/templates/java-spring/clean/.gitignore.hbs ADDED Viewed

@@ -0,0 +1,72 @@
+# Compiled class files
+*.class
+# Log files
+*.log
+# Package files
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+# Virtual machine crash logs
+hs_err_pid*
+replay_pid*
+# Maven
+target/
+.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+# Gradle
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
+# Spring Boot
+spring-shell.log
+# STS / Eclipse
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+# IntelliJ IDEA
+.idea/
+*.iws
+*.iml
+*.ipr
+# VS Code
+.vscode/
+# NetBeans
+/nbproject/private/
+/nbbuild/
+/nbdist/
+/.nb-gradle/
+# Environment
+.env
+.env.local
+.env.*.local
+!.env.example
+application-local.yml
+application-local.properties
+application-dev.yml
+application-dev.properties
+# OS
+.DS_Store
+Thumbs.db

package/templates/java-spring/clean/docker-compose.yml.hbs CHANGED Viewed

@@ -1,7 +1,5 @@
-version: '3.8'
 services:
-  postgres:
+  db:
     image: postgres:15-alpine
     container_name: {{projectNameKebabCase}}-db
     environment:
@@ -13,6 +11,11 @@ services:
     volumes:
       - postgres_data:/var/lib/postgresql/data
     restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
 volumes:
   postgres_data:

package/templates/java-spring/clean/src/main/java/{{packagePath}}/application/usecase/PaymentUseCase.java.hbs CHANGED Viewed

@@ -22,23 +22,24 @@ public class PaymentUseCase {
         this.stripeGateway = stripeGateway;
     }
-    public String createCheckoutSession(String userId, String pricpackage {{packageName}}.application.usecase;
-import {{packageName}}.domain.l.UUID.fromString(userId))
+    public String createCheckoutSession(String userId, String priceId) throws Exception {
+        User user = userRepository.findById(userId)
                 .orElseThrow(() -> new RuntimeException("User not found"));
         String customerId = user.getStripeCustomerId();
         if (customerId == null || customerId.isEmpty()) {
-            cuimport com.stripeGateway.createCustomer(user.getEmail(), userId).getId();
+            customerId = stripeGateway.createCustomer(user.getEmail(), userId).getId();
             user.setStripeCustomerId(customerId);
             userRepository.save(user);
         }
         Session session = stripeGateway.createCheckoutSession(customerId, priceId, userId);
-        retu
-    private final UserRepository userRString createPortalSession(String userId) throws Exception {
-        User user = userRepository.findById(java.util.UUID.fromString(userId))
+        return session.getUrl();
+    }
+    public String createPortalSession(String userId) throws Exception {
+        User user = userRepository.findById(userId)
                 .orElseThrow(() -> new RuntimeException("User not found"));
         if (user.getStripeCustomerId() == null) {
@@ -56,7 +57,7 @@ import {{packageName}}.domain.l.UUID.fromString(userId))
                 Session session = (Session) event.getDataObjectDeserializer().getObject().orElse(null);
                 if (session != null && session.getClientReferenceId() != null) {
                     String userId = session.getClientReferenceId();
-                    userRepository.findById(java.util.UUID.fromString(userId)).ifPresent(user -> {
+                    userRepository.findById(userId).ifPresent(user -> {
                         user.setStripeCustomerId(session.getCustomer());
                         userRepository.save(user);
                     });
@@ -65,21 +66,24 @@ import {{packageName}}.domain.l.UUID.fromString(userId))
                 break;
             }
             case "customer.subscription.updated": {
-                com.stripe.model.Subscription sub =
-                        (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
-                if (sub != null) logger.info("Subscription updated: {} | Status: {}", sub.getId(), sub.getStatus());
+                com.stripe.model.Subscription sub = (com.stripe.model.Subscription) event.getDataObjectDeserializer()
+                        .getObject().orElse(null);
+                if (sub != null)
+                    logger.info("Subscription updated: {} | Status: {}", sub.getId(), sub.getStatus());
                 break;
             }
             case "customer.subscription.deleted": {
-                com.stripe.model.Subscription sub =
-                        (com.stripe.model.Subscription) event.getDataObjectDeserializer().getObject().orElse(null);
-                if (sub != null) logger.info("Subscription deleted: {}", sub.getId());
+                com.stripe.model.Subscription sub = (com.stripe.model.Subscription) event.getDataObjectDeserializer()
+                        .getObject().orElse(null);
+                if (sub != null)
+                    logger.info("Subscription deleted: {}", sub.getId());
                 break;
             }
             case "invoice.payment_failed": {
-                com.stripe.model.Invoice invoice =
-                        (com.stripe.model.Invoice) event.getDataObjectDeserializer().getObject().orElse(null);
-                if (invoice != null) logger.info("Payment failed for invoice: {}", invoice.getId());
+                com.stripe.model.Invoice invoice = (com.stripe.model.Invoice) event.getDataObjectDeserializer()
+                        .getObject().orElse(null);
+                if (invoice != null)
+                    logger.info("Payment failed for invoice: {}", invoice.getId());
                 break;
             }
             default:

package/templates/java-spring/clean/src/main/java/{{packagePath}}/infrastructure/persistence/entity/UserEntity.java.hbs ADDED Viewed

@@ -0,0 +1,52 @@
+package {{packageName}}.infrastructure.persistence.entity;
+import {{packageName}}.domain.entity.User;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import java.time.LocalDateTime;
+@Entity
+@Table(name = "users")
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class UserEntity {
+    @Id
+    private String id;
+    private String email;
+    private String name;
+    private String password;
+    private String stripeCustomerId;
+    private LocalDateTime createdAt;
+    public static UserEntity fromDomain(User user) {
+        return UserEntity.builder()
+                .id(user.getId())
+                .email(user.getEmail())
+                .name(user.getName())
+                .password(user.getPassword())
+                .stripeCustomerId(user.getStripeCustomerId())
+                .createdAt(user.getCreatedAt())
+                .build();
+    }
+    public User toDomain() {
+        return User.restore(
+                this.id,
+                this.email,
+                this.name,
+                this.password,
+                this.stripeCustomerId,
+                this.createdAt
+        );
+    }
+}

package/templates/java-spring/clean/src/main/java/{{packagePath}}/infrastructure/persistence/repository/JpaUserRepository.java.hbs ADDED Viewed

@@ -0,0 +1,12 @@
+package {{packageName}}.infrastructure.persistence.repository;
+import {{packageName}}.infrastructure.persistence.entity.UserEntity;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+import java.util.Optional;
+@Repository
+public interface JpaUserRepository extends JpaRepository<UserEntity, String> {
+    Optional<UserEntity> findByEmail(String email);
+}

package/templates/java-spring/clean/src/main/java/{{packagePath}}/infrastructure/security/JwtAuthenticationFilter.java.hbs ADDED Viewed

@@ -0,0 +1,64 @@
+package {{packageName}}.infrastructure.security;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+import javax.crypto.SecretKey;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+@Component
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    private final String jwtSecret;
+    public JwtAuthenticationFilter(
+            @org.springframework.beans.factory.annotation.Value("${jwt.secret:your-super-secret-jwt-key-change-in-production}") String jwtSecret) {
+        this.jwtSecret = jwtSecret;
+    }
+    private SecretKey getSigningKey() {
+        return Keys.hmacShaKeyFor(jwtSecret.getBytes(StandardCharsets.UTF_8));
+    }
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+            throws ServletException, IOException {
+        String header = request.getHeader("Authorization");
+        if (header != null && header.startsWith("Bearer ")) {
+            String token = header.substring(7);
+            try {
+                Claims claims = Jwts.parser()
+                        .verifyWith(getSigningKey())
+                        .build()
+                        .parseSignedClaims(token)
+                        .getPayload();
+                String userId = claims.getSubject();
+                if (userId != null) {
+                    UserDetails userDetails = new User(userId, "", new ArrayList<>());
+                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
+                            userDetails, null, userDetails.getAuthorities());
+                    SecurityContextHolder.getContext().setAuthentication(authentication);
+                }
+            } catch (Exception e) {
+                logger.warn("Invalid JWT token: " + e.getMessage());
+            }
+        }
+        filterChain.doFilter(request, response);
+    }
+}

package/templates/java-spring/clean/src/main/java/{{packagePath}}/infrastructure/security/SecurityConfig.java.hbs ADDED Viewed

@@ -0,0 +1,36 @@
+package {{packageName}}.infrastructure.security;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+    private final JwtAuthenticationFilter jwtAuthenticationFilter;
+    public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter) {
+        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
+    }
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/api/auth/**").permitAll()
+                        .requestMatchers("/api/payments/webhook").permitAll()
+                        .requestMatchers("/actuator/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+        return http.build();
+    }
+}