How to cancel security on specific page - OAPI3

Question

How to cancel security on specific page - OAPI3

pilotak opened this issue 4 years ago · 2 comments

When setting up global security, all pages require to be authorized. But i don't want such a feature on login page. How can i disable it on a specific page?

@endpoint({
  method: 'POST',
  path: '/login',
})
class Login {
  @response({ status: 200 })
  successResponse(@body body: Response) {}
}

@api({ name: 'test', version: '0.0.1' })
class Api {
  @securityHeader
  'security-header': string;
}

output should be

paths:
  /login:
    post:
      operationId: Login
      security: [] # no auth needed
      responses:
        '200':
          ...

Answer 1 · 2020-12-07T13:51:58.000Z

Personally, I have a post-processing script which adds "security": [] to endpoints with a specific tag.

Answer 2 · 2020-12-07T14:08:57.000Z

I was thinking about that too, but this should be built in. As well as ability to change the type of security to ie. Bearer or set more types of security (as seen in feature request)

This is perfect plugin if you don't need security features, unfortunately