search

poem-web / poem

A full-featured and easy-to-use web framework with the Rust programming language.
Apache License 2.0
3.59k stars 290 forks source link

Allow SecurityScheme as Macro parameter of OpenApi or oai #822

Open Bednys94 opened 4 months ago

Bednys94 commented 4 months ago

Description of the feature

Hi, would be possible to add attribute security_scheme for generating swagger-ui security scheme without need to have it as a fn param? I have several APIs and it's little bit confusing to have _auth: SecuritySchema as parameter in almost all open api functions and only because of generating swagger api doc with lock icon next to the request definition.

Code example (if possible)

[derive(SecurityScheme)]

[oai(ty = "basic")]

pub struct BasicSecurityScheme(Basic);

It would be nice instead of this

[OpenApi(

prefix_path = "/secure",
tag = "CustomApiTags::Custom",

)] impl CustomApi {

[oai(path = "/test-auth", method = "get")]

async fn test_auth(&self, _auth: SecurityScheme) -> Result<String> {
    Ok("Test auth".to_string())
}

}

use this

[OpenApi(

prefix_path = "/secure",
tag = "CustomApiTags::Custom",
security_scheme = "BasicSecurityScheme"

)] impl CustomApi {

[oai(path = "/test", method = "get")]

async fn test(&self) -> Result<String> {
    Ok("Test auth".to_string())
}

}

or this

[OpenApi(

prefix_path = "/secure",
tag = "CustomApiTags::Custom",

)] impl CustomApi {

[oai(path = "/test-auth", method = "get", security_scheme = "BasicSecurityScheme")]

async fn test_auth(&self) -> Result<String> {
    Ok("Test auth".to_string())
}

#[oai(path = "/test-no-auth", method = "get")]
async fn test_no_auth(&self) -> Result<String> {
    Ok("Test auth".to_string())
}

}

skrcka commented 2 weeks ago

yes please

there is this library that works in a similar way: https://crates.io/crates/poem-grants

but it doesnt add auth in the specification