flexcodelabs · BaharaJr · Mar 29, 2026 · Mar 29, 2026 · Mar 29, 2026 · Mar 29, 2026
diff --git a/build.gradle b/build.gradle
@@ -8,7 +8,7 @@ plugins {
 }
 
 group = 'com.flexcodelabs'
-version = '0.0.32'
+version = '0.0.33'
 description = 'Flextuma App'
 
 java {

diff --git a/src/main/java/com/flexcodelabs/flextuma/core/security/PasswordChangeRequiredFilter.java b/src/main/java/com/flexcodelabs/flextuma/core/security/PasswordChangeRequiredFilter.java
@@ -63,6 +63,10 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
     }
 
     private boolean shouldSkipPasswordChangeCheck(String path) {
+        if (path == null || !path.startsWith("/api/")) {
+            return true;
+        }
+
         return path.equals("/api/login") ||
                 path.equals("/api/changePassword") ||
                 path.equals("/api/logout") ||

diff --git a/src/main/java/com/flexcodelabs/flextuma/core/security/SecurityConfig.java b/src/main/java/com/flexcodelabs/flextuma/core/security/SecurityConfig.java
@@ -10,6 +10,7 @@
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.util.matcher.RegexRequestMatcher;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.http.CookieSerializer;
 import org.springframework.session.web.http.DefaultCookieSerializer;
@@ -60,6 +61,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) {
                             .requestMatchers("/api/register").permitAll()
                             .requestMatchers("/").permitAll()
                             .requestMatchers("/assets/**").permitAll()
+                            .requestMatchers(new RegexRequestMatcher("^/(?!api(?:/|$)).*", null)).permitAll()
                             .anyRequest().authenticated())
                     .httpBasic(Customizer.withDefaults())
                     .addFilterBefore(patAuthenticationFilter,

diff --git a/...ain/java/com/flexcodelabs/flextuma/modules/notification/services/NotificationService.java b/...ain/java/com/flexcodelabs/flextuma/modules/notification/services/NotificationService.java
@@ -125,7 +125,8 @@ private SmsLog processAndSaveSms(User user, SmsConnector connector, String phone
                         SmsTemplate template, Map<String, String> metadata) {
                 SmsSegmentResult segmentResult = segmentCalculator.calculate(content);
                 if (connector.getCode() != null && connector.getCode().equals(connector.getProvider() + "_SYSTEM")) {
-                        BigDecimal cost = pricePerSegment.multiply(BigDecimal.valueOf(segmentResult.segments()));
+                        BigDecimal cost = BigDecimal.valueOf(Math.ceil(BigDecimal.valueOf(segmentResult.segments())
+                                        .divide(pricePerSegment).doubleValue()));
                         walletService.debit(user, cost, "SMS send to " + phoneNumber, null);
                 }
 

diff --git a/src/test/java/com/flexcodelabs/flextuma/modules/app/controllers/FrontendControllerTest.java b/src/test/java/com/flexcodelabs/flextuma/modules/app/controllers/FrontendControllerTest.java
@@ -39,6 +39,13 @@ void serveCatchAll_shouldReturnIndexForNonApiRoutes() throws Exception {
                 .andExpect(content().string("<html><body>app</body></html>"));
     }
 
+    @Test
+    void serveCatchAll_shouldReturnIndexForLoginRoute() throws Exception {
+        mockMvc.perform(get("/login"))
+                .andExpect(status().isOk())
+                .andExpect(content().string("<html><body>app</body></html>"));
+    }
+
     @Test
     void serveCatchAll_shouldReturnIndexForDottedNonApiRoutes() throws Exception {
         mockMvc.perform(get("/foo.bar"))