enabe preflight requests

src/main/java/com/danielbohry/authservice/config/SecurityConfig.java

@@ -18,6 +18,7 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.http.HttpMethod;
 
 import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
 
@@ -51,6 +52,7 @@ public class SecurityConfig {
                                 "/js/**",
                                 "/img/**"
                         ).permitAll()
+                        .requestMatchers(HttpMethod.OPTIONS, "/api/users", "/api/authorize", "/api/refresh").permitAll()
                         .requestMatchers("/api/users", "/api/authorize", "/api/refresh").authenticated()
                         .anyRequest().authenticated()
                 )