我从swagger-tools npm找到了许多使用swaggerSecurity的示例。不幸的是,我发现的每个示例都只是掩盖了处理授权的 actual logic 部分,我不确定应该如何处理这一部分。
app.use(middleware.swaggerSecurity({
MySecurity: function(req, def, scopes, callback) {
// returns true or false if request is valid
var allowed = myFunction(req);
if (!allowed) {
// what do I do here? something like callback({message:'Unauthorized'}) ???
} else {
// I think I just fire the callback, right?
callback();
}
}
}));