use security handler instead of express middleware for access token validation.

lib/units/api/config/default.yaml

@@ -6,7 +6,6 @@ swagger:
   fittingsDirs: [ fittings ]
   defaultPipe: null
   swaggerControllerPipe: swagger_controllers  # defines the standard processing pipe for controllers
-  swagger: 'swagger/api_v1.yaml'
 
   # values defined in the bagpipes key are the bagpipes pipes and fittings definitions
   # (see https://github.com/apigee-127/bagpipes)
@@ -22,10 +21,13 @@ swagger:
       name: swagger_validator
       validateResponse: true
 
+    _swagger_security:
+      name: swagger_security
+      securityHandlersModule: helpers/securityHandlers
+
     # pipe for all swagger-node controllers
     swagger_controllers:
       - onError: json_error_handler
-      - cors
       - swagger_params_parser
       - swagger_security
       - _swagger_validate