New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support empty security #892
Comments
Would you like to create a PR for this issue? |
@zzdhidden Have you solved your issue. I'm trying to remove my global authentication from my health endpoint. Also where did you set your security:[] parameter. |
@SathursanS I define a empty string and then clean from the apiObject. import { SetMetadata, CustomDecorator } from '@nestjs/common';
export const ApiEmptySecurity = (): CustomDecorator =>
SetMetadata('swagger/apiSecurity', ['']);
export function ApiFixEmptySecurity(apiObject: any): void {
Object.values(apiObject.paths).forEach((path: any) => {
Object.values(path).forEach((method: any) => {
if (Array.isArray(method.security)) {
method.security = method.security.filter((s: any) => !!s);
}
});
});
} |
Would you like to create a PR for this issue? |
Having followed the officiel NestJS docs to secure my API, all my routes are protected by an API-Key, and some of them can avoid it, with a In order to get Swagger to use that API Key, and not wanting to manually add
in addition to
However, I don't understand where I need to put the @kamilmysliwiec I understand your answer in #1319 but I think one more decorator would be useful : sometimes you'll want to have |
For anyone that still needs a workaround, I modified the above code to get it working:
And then where my server is initialized:
|
I'm submitting a...
Current behavior
When I add global security. I can't exclude one api from the
@ApiSecurity()
.const docBuilder = new DocumentBuilder().addSecurityRequirements('bearer')
Expected behavior
We can define global security follow the document openapi authentication and exclude from the path by set
security: [] # No security
.Now we can use
SetMetadata('swagger/apiSecurity', [])
to hack this feature when defineClassDecorator
. But the this data has been omit when define theMethodDecorator
.The text was updated successfully, but these errors were encountered: