Skip to content

Guard for security #1139

New issue
New issue
Open
Open
Guard for security#1139
Labels
enhancementNew feature or request
@zoriya

Description

@zoriya
zoriya
opened on Mar 24, 2025

What is the problem this feature would solve?

I'd like to add details.security to a group of routes.

What is the feature you are proposing to solve the problem?

Using a guard like below would be possible:

new Elysia()
	.guard({
		detail: {
			security: [
				{ bearer: ["read"] },
				{ api: ["read"] }
			],
		},
	})
	.get("/:id", () => {}, {
		detail: {
			description: "Route desc"
		}
	})

Currently, detail.security can only be specified in the route's 3rd argument.

What alternatives have you considered?

Have macro or other ways to specify security details (cf #666)

PS: I think the macro way would be more flexible, since you could specify macros that would add scopes in the swagger. ex:

new Elysia()
	.macro({
		scope(scopes: string[]) {
			return {
				resolve: async ({ headers: { authorization } }) => {
					return { user: {} };
				},
				details: { 
					security: [ { bearer: scopes } ],
				 },
			};
		},
	})
	.get("/:id", () => {}, {
		scope: ["read"]
	});

Even if this macro way is implemented, i feel like guard should work for security, as it not working feels like an oversight.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions