Adds JWT secret, turns on Swagger UI, and cleans up refresh token response

src/main/kotlin/net/halfbinary/scavengerhuntapi/config/AuthTokenFilter.kt

@@ -31,7 +31,9 @@ class AuthTokenFilter(private val jwtUtils: JwtUtil, private val hunterDetailsSe
                         userDetails.authorities
                     )
                 authentication.details = WebAuthenticationDetailsSource().buildDetails(request)
-                SecurityContextHolder.getContext().authentication = authentication
+                val context = SecurityContextHolder.createEmptyContext()
+                context.authentication = authentication
+                SecurityContextHolder.setContext(context)
             }
         } catch (e: Exception) {
             println("Cannot set user authentication: $e")

src/main/kotlin/net/halfbinary/scavengerhuntapi/config/JwtUtil.kt

@@ -7,11 +7,12 @@ import org.springframework.beans.factory.annotation.Value
 import org.springframework.stereotype.Component
 import java.util.Date
 import javax.crypto.SecretKey
+import javax.crypto.spec.SecretKeySpec
 
 @Component
 class JwtUtil {
     @Value($$"${jwt.secret}")
-    private val jwtSecret: String? = null
+    private val jwtSecret: String = ""
 
     @Value($$"${jwt.expiration}")
     private val jwtExpirationMs = 0
@@ -22,7 +23,7 @@ class JwtUtil {
     // preventing the repeated creation of the key and enhancing performance
     @PostConstruct
     fun init() {
-        this.key = Jwts.SIG.HS256.key().build()
+        this.key = SecretKeySpec(jwtSecret.toByteArray(Charsets.UTF_8), "HmacSHA256")
     }
 
     // Generate JWT token

src/main/kotlin/net/halfbinary/scavengerhuntapi/config/SecurityConfig.kt

@@ -1,5 +1,6 @@
 package net.halfbinary.scavengerhuntapi.config
 
+import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.authentication.AuthenticationManager
@@ -27,6 +28,13 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
         return authTokenFilter
     }
 
+    @Bean
+    fun authTokenFilterRegistration(): FilterRegistrationBean<AuthTokenFilter> {
+        val registration = FilterRegistrationBean(authTokenFilter)
+        registration.isEnabled = false
+        return registration
+    }
+
     @Bean
     @Throws(Exception::class)
     fun authenticationManager(
@@ -59,7 +67,7 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
             }
             .authorizeHttpRequests { authorizeRequests ->
                 authorizeRequests
-                    .requestMatchers("/auth/**", "/signup")
+                    .requestMatchers("/auth/**", "/signup", "/docs/**")
                     .permitAll()
                     .anyRequest().authenticated()
             }