search

nestjs / docs.nestjs.com

The official documentation https://docs.nestjs.com 📕
MIT License
1.18k stars 1.69k forks source link

ApiHeaders doesn't work with Authorization example #886

Closed Epenance closed 4 years ago

Epenance commented 4 years ago

I'm submitting a...


[ ] Regression 
[x] Bug report
[ ] Feature request
[x] Documentation issue or request (new chapter/page)
[ ] Support request => Please do not submit support request here, instead post your question on Stack Overflow.

Current behavior

In the Swagger docs the following is written:

@ApiHeader({
  name: 'Authorization',
  description: 'Auth token',
})
@Controller('cats')
export class CatsController {}

When testing in Swagger the ApiHeader shows up, but will never be sent, when trying to test the resquest. My guess is that Authorization is reserved cause it actually works with

@ApiHeader({
  name: 'My-Header',
  description: 'Custom header',
})
@Controller('cats')
export class CatsController {}

Additionally the Authorization headers are set with the 

ApiSecurity('bearer')

That is documented further down in the documentation, and once provided it will actually attach those headers to the request.

Expected behavior

Expected the Authorization header to be set when applied as shown in the documentation. It however only works if you use it with ApiSecurity decorater rather than the ApiHeader decorater.

Minimal reproduction of the problem with instructions

git clone git@gitlab.com:doshdk/nestjs-swagger-auth-example.git cd nestjs-swagger-auth-example docker-compose up -d yarn start:dev

Open browser and visit localhost:3000/docs Create a user, and login with your credentials to get a token.

Try the User profile and provide the bearer token. See that its not attached to the call.

What is the motivation / use case for changing the behavior?

Wrong documentation can lead to confusion, I myself was a victim of this 😄

syukirah commented 4 years ago

I also having the same problem. I guess i also one of the victims. What is the correct way to do it? Do you mind to show to me how to do it?

syukirah commented 4 years ago

I also having the same problem. I guess i also one of the victims. What is the correct way to do it? Do you mind to show to me how to do it?

Ah... i got the answer already... use dedicated @ApiBearerAuth() instead of @ApiHeader... thanks for pointing out me to read at the bottom of document

phongit1995 commented 3 years ago

how you can fix it ???

ubay1 commented 3 years ago

how you can fix it ??? please answer..