AuthenticationMiddleware should also depend on authenticationModule being present

[jancastor]

Sorting

• I'm submitting a ...

  • bug report
  • feature request
  • support request

• I confirm that I

  • used the search to make sure that a similar issue hasn't already been submit

Expected Behavior

I want to specify security tags on my controller methods but I don't want to do the authentication via the auto-generated Tsoa routes file.

Current Behavior

Not specifying the authenticationModule in the config throws an error when trying to hit the endpoint because of the missing expressAuthentication middleware.

I could provide a no-op function here but it has some undesired behavior, specifically re-setting the user field on the request object.

https://github.com/lukeautry/tsoa/blame/ac87a3b04ae2156fcd7b17eace4787bbd68c16be/packages/cli/src/routeGeneration/templates/express.hbs#L171

Possible Solution

This line:

tsoa/packages/cli/src/routeGeneration/routeGenerator.ts

Line 146 in ac87a3b

useSecurity: this.metadata.controllers.some(controller => controller.methods.some(method => !!method.security.length)),

Should also check if authenticationModule is present

[jancastor]

Happy to push up a PR for this

[github-actions]

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days