Mix of Akka directives and tapir endpoints work in unexpected way

[mrForest13]

Hello,

Suppose I have securityDirective that checks the authorization header and if it does not exist, returns StatusCodes.Unauthorized. Also I have two endpoints like below:

// Get -> /example
val withSecurity: Route =   securityDirective { user =>
    tapirEndpoint.toRoute(input => /* here we can use both `user` and `input` values */)
}

// Get -> /something
val withoutSecurity: Route =  {
    tapirEndpoint.toRoute(input => return OK)
}

val routes: Route = withSecurity ~ withoutSecurity

And now when i send get request on /something i get Unauthorized error instead of OK. In my opinion it is because akka check header before checking path.

So now it works in this way:

1. Get -> /something
2. Go to first route
3. Check securityDirective

Should work:

1. Get -> /something
2. Go to first route
3. Check path
4. Go to second path

I know i can use toDirective instead of toRoute but event that it's unexpected behavior in my opinion

[adamw]

Well that's how akka-http works. You are nesting tapir's route inside the securityDirective so tapir has no influence over how securityDirective works, or in which order the components are checked.

[mrForest13]

so the only way is to use toDirective? But then i will lose a "connection" between tapir endpoint and "logic"

val withSecurity: Route =   tapirEndpoint.toDirective { _ =>
    securityDirective { user =>
         complete("Smothink")
    }
}

It works, but in this case the answer may be different than described by tapir. This is no longer forced as in the case of toRoute

[adamw]

If you want to use securityDirective and can't modify it (so that in case of a missing header, it rejects the request, instead of completing it with a 4xx), then yest, that's the only way.

[mrForest13]

ok, thanks