-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SwaggerUi to replace Apiary #517
Conversation
Apiary should no longer be mentioned in the README. Also, please add something in |
c.swagger_endpoint "/api-docs/openapi#{ENV.fetch('TEST_ENV_NUMBER', '')}.yaml", 'API V1 Docs' | ||
|
||
# Add Basic Auth in case your API is private | ||
c.basic_auth_enabled = true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if we have both? public and private endpoints?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the way that rswag
works, we need to define the API endpoints that will use it for UI section
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if that answers my question.
If we build an app that has public endpoints, we need to also have a "public" documentation that anyone can see in order to understand how the API works.
So the question is, is it possible to only scope the auth to a subset of our endpoints and not the whole app?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@JulianPasquale Oh Oh, I understood that you are asking about rswag
sorry
- I'm not sure, but I looked in the Swagger documentation and didn't find anything about adding auth only for a group of endpoints, also following the ticket scope I included the authorization here, but we can disable it by setting the value to "false". `
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool. I think it would be nice to explore it so we can allow the mix of public and private docs. Not a blocker since auth can be disabled 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is a good discussion, maybe we can follow up in a meeting? I think what we need to answer is: who are we expecting to be the consumers of these endpoints?
- Frontend devs?
- Backend devs from other teams/apps?
- External products/services?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great job, thanks for bringing this improvement to the rails_api_base
.
Last thing: remove the reference to Apiary in the README.md
Thanks!
Board:
Description:
api-docs
endpoint withbasic-auth
Notes:
rspec-openapi
to include the project titleTasks:
openapi.yaml
doc with SwaggerUIRisk:
Preview: