-
Notifications
You must be signed in to change notification settings - Fork 916
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: swagger documentation authentication #1037
Conversation
WalkthroughThe recent update enhances the Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (1)
- packages/api/v1/openapi.ts (1 hunks)
Additional comments: 1
packages/api/v1/openapi.ts (1)
- 5-33: The use of
Object.assign
to merge configurations for the OpenAPI specification is a good approach for enhancing flexibility and maintainability. However, there are a few considerations and improvements to be made:
Security Schemes and Definitions: The addition of security schemes is crucial for API documentation, especially for APIs that require authentication. The configuration provided for the
authorization
security scheme is well-defined, specifying it as anapiKey
type in theheader
. This is a common and recommended practice for APIs requiring a simple API key for authentication.Operation IDs: Setting
setOperationId: true
is a good practice as it helps in generating more readable and accessible API documentation. It ensures that each operation in the API documentation has a unique identifier, which can be beneficial for generating client SDKs or for documentation purposes.Documentation Completeness and Accuracy: Ensure that the security definitions and other configurations accurately reflect the API's authentication mechanisms. It's important that the documentation provides clear and precise information on how to authenticate API requests to prevent confusion and errors.
Maintainability: While
Object.assign
is used effectively here, consider the future scalability of your OpenAPI specification. As your API grows, you might find it beneficial to adopt a more structured approach to managing your OpenAPI configuration, such as modularizing different parts of the specification or using a library designed for building OpenAPI specifications in a more declarative way.Validation and Testing: It's not visible in the provided code, but ensure that the generated OpenAPI specification is validated against the OpenAPI standard. Tools like Swagger Editor or Swagger UI can be used to validate and visually inspect the API documentation. Additionally, consider adding automated tests to verify that the OpenAPI specification remains valid and accurate as the API evolves.
Overall, the changes made to the OpenAPI documentation are a step in the right direction for improving the developer experience by providing clearer and more detailed authentication documentation.
This seems to have mostly solved the issue but now we use the authorization value from the top of the swagger ui and ignore the ones passed in the "try it out" section despite it being marked as required. Not sure how to solve but we should try just a little bit extra to see if we can make this just a tiny bit smoother. |
Yeah... I realised that, but I couldn't think of a better solution. I can remove the Will think of a better solution. |
Summary by CodeRabbit