Add option to exclude a list of routes or prefixes

[francescorivola]

🚀 Feature Proposal

Add a new plugin option to exclude a list of routes prefixes from the auth check.

Motivation

Sometimes you want to have security set to all routes except 1 or few routes. This option will simplify this process and avoid to have to register the plugin for all the routes except the one you want to exclude.

I am currently working on a side project and I would like to have fastify-swagger enabled in a staging or test environment however still secure those.

Example

fastify.register(bearerAuthPlugin, {
    keys: new Set(keys),
    excludePrefixes: enableSwagger ? ['/documentation'] : undefined
});

[francescorivola]

I have been looking at other fastify plugins and it looks like none of them have some sort of option to exclude routes or prefix. So I am not sure you would like to add this option to this plugin. However, in case you like the idea, this is my first issue in the Fastify ecosystem and I will try to work on a PR next week to contribute. Thank you so much.

[jsumners]

I don't think we need to start adding a "filter" option to every plugin in the ecosystem. Fastify's plugin and encapsulation architecture already solves this quite nicely. In the described case, I would do:

async function aLocalPlugin (fastify, options) {
  if (options.enableSwagger === true) {
    fastify.register(bearerAuthPlugin, options.bearerAuthOptions)
  }
 
  fastify.register(require('./routes.js'))
}

[francescorivola]

Hi @jsumners. I understood. I am still new to the encapsulation architecture of the Plugin system. Makes totally sense in this case and it explains to me why other plugins as well do not have this option. I will test out your suggestion and read more about how plugins work. Thank you so much for your time. I close the issue. My best.