search

FoalTS / foal

Full-featured Node.js framework, with no complexity. šŸš€ Simple and easy to use, TypeScript-based and well-documented.
https://foalts.org/
MIT License
1.9k stars 140 forks source link

Swagger: ApiSecurityRequirement decorator not working in subcontrollers. #1057

Closed text2n closed 2 years ago

text2n commented 2 years ago

Version of FoalTS: 2.8.1

ApiSecurityRequirement() decorator is not working if defined for subcontrollers. I have the below controller structure. I have configured ApiController as OpenApi controller. I am trying to make UsersController as Authenticated controller and AuthController as unauthenticated. But if i add ApiSecurityRequirement /JwtRequied on UsersController, actual authentication is working fine, but swagger ui does't consider it as authenticated and is ignoring bearer token in headers.

-AppController
  -ApiController (configured as OpenApi class)
    -UsersController (ApiSecurityRequirement or JwtRequied decorator)
    -AuthController (unauthenticated)

I have created a repo with the sample files here https://github.com/text2n/foalts-test

the openapi.json is as below

{
   "info":{
      "title":"A Great API",
      "version":"1.0.0"
   },
   "openapi":"3.0.0",
   "paths":{
      "/users/":{
         "get":{
            "responses":{
               "401":{
                  "description":"JWT is missing or invalid."
               }
            }
         }
      },
      "/auth/":{
         "get":{
            "responses":{

            }
         }
      }
   },
   "servers":[
      {
         "url":"/api"
      }
   ],
   "components":{
      "securitySchemes":{
         "bearerAuth":{
            "bearerFormat":"JWT",
            "scheme":"bearer",
            "type":"http"
         }
      }
   }
}
LoicPoullain commented 2 years ago

The issue has been fixed and will be released with v2.8.2 šŸ‘