chore: swagger authentication added

src/controllers/user.ts

@@ -8,7 +8,8 @@ import {
   Patch,
   Delete,
   Body,
-  Hidden
+  Hidden,
+  Security
 } from 'tsoa'
 import bcrypt from 'bcryptjs'
 
@@ -28,7 +29,8 @@ interface userDetailsResponse {
   isAdmin: boolean
 }
 
-@Route('user')
+@Security('bearerAuth')
+@Route('SASjsApi/user')
 export default class UserController {
   /**
    * Get list of all users (username, displayname). All users can request this.

src/middlewares/verifyAdminIfNeeded.ts

@@ -1,8 +1,8 @@
 export const verifyAdminIfNeeded = (req: any, res: any, next: any) => {
   const { user } = req
-  const { userId } = req.params
+  const userId = parseInt(req.params.userId)
 
-  if (!user.isAdmin && user.id !== userId) {
+  if (!user.isAdmin && user.userId !== userId) {
     return res.status(401).send('Admin account required')
   }
   next()

tsoa.json

@@ -3,6 +3,13 @@
   "noImplicitAdditionalProperties": "throw-on-extras",
   "spec": {
     "outputDirectory": "public",
+    "securityDefinitions": {
+      "bearerAuth": {
+        "type": "http",
+        "scheme": "bearer",
+        "bearerFormat": "JWT"
+      }
+    },
     "specVersion": 3
   }
 }