Burke9077 Burke9077 - 3 months ago 87
Node.js Question

How do you add an API key in Swagger

I have tried several methods to add a basic API key authorization to Swagger (express swagger). Below is the relevant info from my manifest.

{
...
"main": "app.js",
"dependencies": {
"express": "^4.12.3",
"swagger-express-mw": "^0.1.0"
},
...
}


I believe I have registered the security definitions in the YAML configuration.

swagger: "2.0"
info:
...

# Set up security for the API
securityDefinitions:
defaultApiKey:
type: apiKey
in: header
name: defaultApiKey

security:
- defaultApiKey: []


To finish this configuration I thought I would only need to register the middleware in the SwaggerExpress.create() function. Below is my entire app.js as it currently stands.

'use strict';

var SwaggerExpress = require('swagger-express-mw');
var app = require('express')();
module.exports = app; // for testing

var config = {
appRoot: __dirname // required config
};

SwaggerExpress.create(config, function(err, swaggerExpress) {
if (err) { throw err; }

// Serve the Swagger documents and SwaggerUi
app.use(swaggerExpress.runner.swaggerTools.swaggerUi());

// Install security
app.use(swaggerExpress.swaggerSecurity({
defaultApiKey: function(req, def, scopes, callback) {
console.log("hit");
}
}));

// install middleware
swaggerExpress.register(app);

var port = process.env.PORT || 10010;
app.listen(port);
});


When I attempt to use this I see the following:

Error initializing middleware
TypeError: swaggerExpress.swaggerSecurity is not a function


I have tried configuring this a few different ways with no success. Did I properly define the API key in YAML and if so what should I do to register the API key handler in my app.js file?

Answer

I was able to overcome this issue by transforming the YAML definitions to the JSON format and loading the API definition this way:

'use strict';

// [INIT PRE-SERVER REQUIREMENTS]
var fs = require('fs');
var os = require('os');
var https = require('https');


var swagger = require('swagger-tools');
var app = require('express')();
var db = require(/* db config path */);
var swaggerObject = require('./api/swagger/swagger.json');

// Configure non-Swagger related middleware and server components prior to Swagger middleware

swagger.initializeMiddleware(swaggerObject, function (middleware) {

  // Intialize middleware
  app.use(middleware.swaggerMetadata());

  // Setup security handlers
  app.use(middleware.swaggerSecurity({
    api_key: function(req, def, scopes, callback) {
      // API KEY LOGIC HERE
      // IF SUCCESSFUL
      callback();
    }
  });

  // Route requests to appropriate controller
  app.use(middleware.swaggerRouter({useStubs: true, controllers: './api/controllers'}));

  // Setup documentation
  app.use(middleware.swaggerUi());

  // Start the server
  var httpsServer = https.createServer({
    // KEY INFO
  }, app);
  httpsServer.listen(443, function() {
    console.log('Server created and listening for requests on port 443.');
  });
});