luciano/reitit
1
0
Fork 0
mirror of https://github.com/metosin/reitit.git synced 2026-01-30 17:50:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

doc: examples/http-swagger: authentication

Browse source
This commit is contained in:
Joel Kaasinen 2023-03-13 15:37:49 +02:00
parent 20cafa3d9b
commit 9b50baca0c
1 changed files with 26 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
examples/http-swagger/src/example/server.clj
View file

@ -43,13 +43,21 @@
[["/swagger.json" [["/swagger.json"
{:get {:no-doc true {:get {:no-doc true
:swagger {:info {:title "my-api" :swagger {:info {:title "my-api"
:description "with reitit-http"}} :description "with reitit-http"}
;; used in /secure APIs below
:securityDefinitions {"auth" {:type :apiKey
:in :header
:name "Example-Api-Key"}}}
:handler (swagger/create-swagger-handler)}}] :handler (swagger/create-swagger-handler)}}]
["/openapi.json" ["/openapi.json"
{:get {:no-doc true {:get {:no-doc true
:openapi {:info {:title "my-api" :openapi {:info {:title "my-api"
:description "with reitit-http" :description "with reitit-http"
:version "0.0.1"}} :version "0.0.1"}
;; used in /secure APIs below
:components {:securitySchemes {"auth" {:type :apiKey
:in :header
:name "Example-Api-Key"}}}}
:handler (openapi/create-openapi-handler)}}] :handler (openapi/create-openapi-handler)}}]
["/files" ["/files"
@ -119,7 +127,22 @@
:responses {200 {:body (s/keys :req-un [::total])}} :responses {200 {:body (s/keys :req-un [::total])}}
:handler (fn [{{{:keys [x y]} :body} :parameters}] :handler (fn [{{{:keys [x y]} :body} :parameters}]
{:status 200 {:status 200
:body {:total (- x y)}})}}]]] :body {:total (- x y)}})}}]]
["/secure"
{:tags ["secure"]
:openapi {:security [{"auth" []}]}
:swagger {:security [{"auth" []}]}}
["/get"
{:get {:summary "endpoint authenticated with a header"
:responses {200 {:body {:secret string?}}
401 {:body {:error string?}}}
:handler (fn [request]
;; In a real app authentication would be handled by middleware
(if (= "secret" (get-in request [:headers "example-api-key"]))
{:status 200
:body {:secret "I am a marmot"}}
{:status 401
:body {:error "unauthorized"}}))}}]]]
{;:reitit.interceptor/transform dev/print-context-diffs ;; pretty context diffs {;:reitit.interceptor/transform dev/print-context-diffs ;; pretty context diffs
;;:validate spec/validate ;; enable spec validation for route data ;;:validate spec/validate ;; enable spec validation for route data