From 4c22109a95493b5514b61d6588f324029f4e1ec9 Mon Sep 17 00:00:00 2001
From: gaoxq <376340421@qq.com>
Date: Fri, 3 Apr 2026 17:35:49 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E6=94=BE=E5=BC=80/api/messages/conversa?=
 =?UTF-8?q?tion/**=E5=AE=89=E5=85=A8=E6=8B=A6=E6=88=AA?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/main/java/com/filesystem/config/SecurityConfig.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/com/filesystem/config/SecurityConfig.java b/src/main/java/com/filesystem/config/SecurityConfig.java
index 3e2b5db..fd1aed8 100644
--- a/src/main/java/com/filesystem/config/SecurityConfig.java
+++ b/src/main/java/com/filesystem/config/SecurityConfig.java
@@ -50,7 +50,7 @@ public class SecurityConfig {
                 // WebSocket
                 .requestMatchers("/ws/**").permitAll()
                 // 静态资源
-                .requestMatchers("/webapp/**", "/assets/**", "/uploads/**", "/files/avatar/**", "/api/files/avatar/**", "/api/messages/file/**").permitAll()
+                .requestMatchers("/webapp/**", "/assets/**", "/uploads/**", "/files/avatar/**", "/api/files/avatar/**", "/api/messages/file/**", "/api/messages/conversation/**").permitAll()
                 // 前端页面路由（所有非 /api/ 的路由，由 Vue Router 处理）
                 .requestMatchers("/", "/login", "/register", "/desktop/**", "/favicon.ico").permitAll()
                 // 其他所有请求需要认证