|
2 | 2 |
|
3 | 3 | [Docs Home](../index.md) | [Previous: Getting Started](../getting-started.md) | [Next: Request Lifecycle](request-lifecycle.md) |
4 | 4 |
|
5 | | -Decorators define routes, validation, metadata, and runtime behavior. bun-openapi reads decorator metadata at startup and builds: |
| 5 | +Decorators are the primary way you configure bun-openapi. Instead of writing separate route registration code and OpenAPI spec files, you annotate your controller classes — and the framework reads that metadata at startup to build: |
6 | 6 |
|
7 | | -- Bun route handlers |
8 | | -- runtime validation wiring |
9 | | -- OpenAPI document |
| 7 | +- **Bun route handlers** with parameter binding and validation. |
| 8 | +- **Runtime behavior** — guards, interceptors, and middleware execution order. |
| 9 | +- **OpenAPI 3.0 document** with paths, schemas, security, and response descriptions. |
| 10 | + |
| 11 | +This means your TypeScript code is the single source of truth for both the running server and the API documentation. |
10 | 12 |
|
11 | 13 | ## Class-Level Decorators |
12 | 14 |
|
13 | | -- @Route("/prefix") sets the base path. |
14 | | -- @Tags("Users") sets OpenAPI tags for all methods. |
15 | | -- @Security("bearerAuth") applies default security requirements. |
16 | | -- @UseGuards(...) attaches guards to all controller methods. |
17 | | -- @UseInterceptors(...) attaches interceptors to all methods. |
18 | | -- @ValidateResponse(true) enables response validation by default. |
19 | | -- @Middleware(...) adds middleware wrappers at controller scope. |
| 15 | +These decorators go on your controller class and affect all methods within it. |
| 16 | + |
| 17 | +| Decorator | Effect | |
| 18 | +| ------------------------- | -------------------------------------------- | |
| 19 | +| `@Route("/prefix")` | Sets the base path for all endpoints | |
| 20 | +| `@Tags("Users")` | Applies OpenAPI tags to all methods | |
| 21 | +| `@Security("bearerAuth")` | Adds default security requirement | |
| 22 | +| `@UseGuards(...)` | Attaches guards to all methods | |
| 23 | +| `@UseInterceptors(...)` | Attaches interceptors to all methods | |
| 24 | +| `@ValidateResponse(true)` | Enables response validation by default | |
| 25 | +| `@Middleware(...)` | Adds middleware wrappers at controller scope | |
20 | 26 |
|
21 | 27 | ## Method-Level Decorators |
22 | 28 |
|
23 | | -- HTTP verbs: @Get, @Post, @Put, @Patch, @Delete |
24 | | -- OpenAPI metadata: @Summary, @Description, @OperationId, @Deprecated, @Hidden |
25 | | -- Response metadata: @Returns(status, schema, description), @Produces(contentType) |
26 | | -- Runtime behavior: @UseGuards, @UseInterceptors, @ValidateResponse, @Render |
| 29 | +These decorators go on individual methods to define endpoints and their behavior. |
| 30 | + |
| 31 | +- **HTTP verbs**: `@Get`, `@Post`, `@Put`, `@Patch`, `@Delete` |
| 32 | +- **OpenAPI metadata**: `@Summary`, `@Description`, `@OperationId`, `@Deprecated`, `@Hidden` |
| 33 | +- **Response metadata**: `@Returns(status, schema, description)`, `@Produces(contentType)` |
| 34 | +- **Runtime behavior**: `@UseGuards`, `@UseInterceptors`, `@ValidateResponse`, `@Render`, `@Security` |
| 35 | + |
| 36 | +> **TIP**: Method-level decorators override class-level ones where it makes sense. For example, `@Security` on a method replaces the controller-level security requirement for that specific endpoint. |
27 | 37 |
|
28 | 38 | ## Parameter Decorators |
29 | 39 |
|
30 | | -- @Param(schema) or @Param("id") |
31 | | -- @Query(schema) or @Query("page") |
32 | | -- @Header(schema) or @Header("x-request-id") |
33 | | -- @Body(schema) |
34 | | -- @Request() |
| 40 | +These bind incoming request data to method arguments. They come in two flavors: |
| 41 | + |
| 42 | +- **Whole-object**: pass a schema class for validation — `@Param(UserParams)`, `@Body(CreateUser)` |
| 43 | +- **Scalar**: pass a string name for single values — `@Param("id")`, `@Query("page")` |
| 44 | + |
| 45 | +| Decorator | Source | |
| 46 | +| ----------------- | --------------- | |
| 47 | +| `@Param(schema)` | Path parameters | |
| 48 | +| `@Query(schema)` | Query string | |
| 49 | +| `@Header(schema)` | Request headers | |
| 50 | +| `@Body(schema?)` | Request body | |
| 51 | +| `@Request()` | Raw `Request` | |
35 | 52 |
|
36 | 53 | ## Mental Model |
37 | 54 |
|
38 | | -Think in layers: |
| 55 | +Think of decorators as defining layers that compose at startup: |
| 56 | + |
| 57 | +``` |
| 58 | +@Route + @Get/@Post/... → 1. Route matching |
| 59 | +@Param/@Query/@Body/... → 2. Parameter binding & validation |
| 60 | +@UseGuards / @Security → 3. Guard & security checks |
| 61 | +@UseInterceptors → 4. Interceptor wrapping |
| 62 | + → 5. Controller method execution |
| 63 | +@Returns + @ValidateResponse → 6. Optional response validation |
| 64 | +``` |
39 | 65 |
|
40 | | -1. Route matching from @Route + verb decorators. |
41 | | -2. Parameter binding and validation from parameter decorators. |
42 | | -3. Guards and security checks. |
43 | | -4. Interceptor wrapping. |
44 | | -5. Controller execution. |
45 | | -6. Optional response validation. |
| 66 | +Each layer reads metadata that you declared with decorators. No manual wiring required. |
46 | 67 |
|
47 | | -Continue with [Request Lifecycle](request-lifecycle.md) for exact execution order. |
| 68 | +Continue with [Request Lifecycle](request-lifecycle.md) for the exact execution order at runtime. |
0 commit comments