Provided by: libswagger2-perl_0.73-1_all bug

NAME

       Swagger2::Guides::ProtectedApi - Protected API Guide

OVERVIEW

       It is possible to protect your API: You can either use a "Custom route" or an "Around
       action hook". Both can serve the same purpose, but the around action hook can be
       customized for every API resource.

TUTORIAL

   Around action hook
       The "x-mojo-around-action" value is optional, but can hold the name of a method to call,
       which wraps around the autogenerated action which does input and output validation. This
       means that any data sent to the server is not yet converted into $input to your action.

       Here is an example method which match the "x-mojo-around-action" from "Swagger
       specification", "MyApp::authenticate_api_request":

         package MyApp;

         sub authenticate_api_request {
           my ($next, $c, $action_spec) = @_;

           # Go to the action if the Authorization header is valid
           return $next->($c) if $c->req->headers->authorization eq "s3cret!";

           # ...or render an error if not
           return $c->render_swagger(
             {errors => [{message => "Invalid authorization key", path => "/"}]},
             {},
             401
           );
         }

       "x-mojo-around-action" is also inherited from most levels, meaning that you define it
       globally for your whole API if you like:

         {
           "x-mojo-around-action": "MyApp::protect_any_resource",
           "paths": {
             "/pets": {
               "x-mojo-around-action": "MyApp::protect_any_method_under_foo",
               "get": {
                 "x-mojo-around-action": "MyApp::protect_just_this_resource"
               }
             }
           }
         }

   Custom route
         use Mojolicious::Lite;

         my $route = app->routes->under->to(
           cb => sub {
             my $c = shift;
             return 1 if $c->param('secret');
             return $c->render(json => {error => "Not authenticated"}, status => 401);
           }
         );

         plugin Swagger2 => {
           route => $route,
           url   => "data://api.json",
         };

         __DATA__
         @@ api.json
         {"swagger":"2.0", ...}

AUTHOR

       Jan Henning Thorsen - "jhthorsen@cpan.org"