Merge pull request #157 from trojs/feature/remove-default-auth

Remove default auth method

README.md

@@ -41,7 +41,6 @@ const api = new Api({
   version: 'v1',
   specification: openAPISpecification,
   controllers,
-  secret: 'test',
   logger: console,
   ajvOptions: { allErrors: true }
 })

package.json

@@ -1,7 +1,7 @@
 {
     "name": "@trojs/openapi-server",
     "description": "OpenAPI Server",
-    "version": "2.0.4",
+    "version": "2.0.5",
     "author": {
         "name": "Pieter Wigboldus",
         "url": "https://trojs.org/"

src/api.js

@@ -17,7 +17,6 @@ import { setupRouter } from './router.js';
  * @property {string} version
  * @property {object} specification
  * @property {object} controllers
- * @property {string=} secret
  * @property {string=} apiRoot
  * @property {boolean=} strictSpecification
  * @property {boolean=} errorDetails
@@ -43,7 +42,6 @@ export class Api {
         version,
         specification,
         controllers,
-        secret,
         apiRoot,
         strictSpecification,
         errorDetails,
@@ -57,7 +55,6 @@ export class Api {
         this.version = version;
         this.specification = specification;
         this.controllers = controllers;
-        this.secret = secret;
         this.apiRoot = apiRoot;
         this.strictSpecification = strictSpecification;
         this.errorDetails = errorDetails || false;
@@ -86,7 +83,6 @@ export class Api {
         }
 
         const { api } = setupRouter({
-            secret: this.secret,
             openAPISpecification: this.specification,
             controllers: this.controllers,
             apiRoot: this.apiRoot,

src/router.js

@@ -16,7 +16,6 @@ import { unauthorized } from './handlers/unauthorized.js';
 /**
  * Setup the router
  * @param {object} params
- * @param {string=} params.secret
  * @param {object} params.openAPISpecification
  * @param {object} params.controllers
  * @param {string=} params.apiRoot
@@ -29,7 +28,6 @@ import { unauthorized } from './handlers/unauthorized.js';
  * @returns {{ api: OpenAPIBackend<any>, openAPISpecification: object }}
  */
 export const setupRouter = ({
-    secret,
     openAPISpecification,
     controllers,
     apiRoot,
@@ -83,13 +81,6 @@ export const setupRouter = ({
         return mock;
     });
 
-    if (secret) {
-        api.registerSecurityHandler(
-            'apiKey',
-            (context) => context.request.headers['x-api-key'] === secret
-        );
-    }
-
     securityHandlers.forEach((securityHandler) => {
         api.registerSecurityHandler(
             securityHandler.name,

src/server.test.js

@@ -54,6 +54,11 @@ function customHandler(context) {
 }
 
 const securityHandlers = [
+    {
+        name: 'apiKey',
+        handler: (context) =>
+            context.request.headers['x-api-key'] === envExample.SECRET,
+    },
     {
         name: 'customSecurityHandler',
         handler: customHandler,