I used Luminus, along with reitit and swagger-ui to generate a page that lets me try out my Luminus API. I can just enter my API request body and submit to test my API.
Now I have added authentication using buddy and my API requires a token to be passed in the header of the request, or else it rejects the request as forbidden.
I'm trying to get an "Authorization" headers field to magically appear in my UI so that I can enter a JWT token string and test my API. This must be a very common requirement for anyone creating an API using reitit, but I can't figure out how to do it.
I went searching around and found this reitit issues page, which includes the text...
Header params are declared as lower-case strings {:headers {"authorization" string?}} which would match exactly what Ring provides us. (Could still HTTP-Header-Case them for documentation.)
...and suggests the setup below...
:get {:summary "list offers"
:parameters
{:headers
{"authorization" string?}}
... etc
Doing that didn't get me any way to authenticate. So, I found this discussion and edited my routes by adding the following after :summary and :parameters in the above route...
:middleware [authenticated?]
:swagger {:security [:apiKey]}
After adding that, I get this...
...which looks like I'm on the right track, but I still have no way of entering my token in the auth header.
As I said, everything is working with curl... Just that swagger isn't showing any way to add auth header. Anybody know how to get Swagger UI to play along in this scenario?
If reitit doesn't support this, then how are people using Swagger UI for authenticated requests?
Any help would be appreciated!
OK. Solved it.
At the root of my API routes (encapsulating all of the routes where I might end up using this authentication), I add :securityDefinitions.
Inside the specific route: