From e56cb96e8240649a9af81f8798e2d55dc40cc1e4 Mon Sep 17 00:00:00 2001
From: junho <2171168@hansung.ac.kr>
Date: Tue, 23 Sep 2025 14:20:42 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=EC=B6=94=EC=B2=9C=20api=20=EC=9D=B8?=
 =?UTF-8?q?=EA=B0=80=20=EC=84=A4=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/DecodEat/global/config/WebOAuthSecurityConfig.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/com/DecodEat/global/config/WebOAuthSecurityConfig.java b/src/main/java/com/DecodEat/global/config/WebOAuthSecurityConfig.java
index 71ca1b3..c411fa7 100644
--- a/src/main/java/com/DecodEat/global/config/WebOAuthSecurityConfig.java
+++ b/src/main/java/com/DecodEat/global/config/WebOAuthSecurityConfig.java
@@ -58,7 +58,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 //                .anyRequest().permitAll());
                 .requestMatchers("/img/**", "/css/**", "/js/**", "/favicon.ico", "/error").permitAll()
                 .requestMatchers("/swagger-ui/**","/v3/api-docs/**").permitAll() //누구나 가능
-                .requestMatchers("/api/token", "/api/products/latest","/api/products/search/**").permitAll() //누구나 가능
+                .requestMatchers("/api/token", "/api/products/latest","/api/products/search/**","/api/products/recommendation/**").permitAll() //누구나 가능
                 .requestMatchers(new RegexRequestMatcher("^/api/products/\\d+$", "GET")).permitAll()
                 .requestMatchers("/api/users/**").hasAnyRole("USER", "ADMIN") // 유저 관련 API는 USER 또는 ADMIN 권한 필요
                 .requestMatchers("/api/admin/**").hasRole("ADMIN") // 어드민 관련 API는 ADMIN 권한만 가능