Open lmatthews0221 opened 1 year ago
I'm seeing this as well. Both version 4.x and 5.0 are behaving this way for me.
I suspect the issue is deeper down in the dependencies either swagger-jsdoc or @apidevtools/swagger-parser. Have to dig a bit deeper. For now am declaring the security: in each path spec
The first code you posted is creating a global bearerAuth, but it is not telling that all routes will use this auth. To do that, you need to add a security property (as you do on each route) but on a global level.
Exemple (code not tested, but it's something similar to the "Describing Bearer Authentication" part here) :
const options = {
swaggerDefinition: {
openapi: '3.0.0',
info: {
title: 'Node.js REST API',
version: '1.0.0',
description: 'API documentation for the Node.js REST API',
},
servers: [
{
url: 'http://localhost:3000', // Replace with the actual server URL
description: 'Local development server',
},
],
components: {
securitySchemes: {
bearerAuth: {
type: 'http',
scheme: 'bearer',
bearerFormat: 'JWT',
}
}
},
security: [
{
bearerAuth: []
}
],
},
apis: ['./src/swagger/*.yaml'], // Replace with the path to your API route files
};
This will require all routes to have a bearerAuth.
I'm trying to apply bearer auth to all operations and here's the implementation.
However, it doesn't work. When I add security to an individual route operation, it works.
Anyone help me why global declaration is not working?