Open jesushd12 opened 6 years ago
I believe this was a feature of the old swagger UI. At least, I can confirm, that this was possible in https://github.com/marcgibbons/django-rest-swagger and it's using swagger UI version 2. Apart from that, I would like to have this feature "back", too. Currently, I am looking into customizing the web UI (see https://drf-yasg.readthedocs.io/en/stable/custom_ui.html), but that seems hard and hacky. Another temporary solution I imagine is to include django-rest-swagger
and just point its UI to yasg's schema endpoint.
Apart from that, you might be able to get what you want by calling get_schema_view
with public=True
. I still would like to restore the old behavior, because that enables to get serializers based on the authenticated user (we have very different profile types and as a result differing representations of our resources).
I was never aware of such a feature. I guess that would require re-fetching the schema document with the new authentication credentials, but I don't know if/how that's supported by swagger-ui.
I'll try and have a look.
here you can get some history and insights on this topic upstream:
In that case I would say it's best to defer this to the swagger-ui
folks.
In the meantime, logging in via Django session authentication should achieve your desired result, as swagger-ui
cannot prevent cookies from going with the schema fetch.
in the meantime would you be welcoming a PR to introduce block
statements for the swagger ui template similar to https://github.com/marcgibbons/django-rest-swagger/blob/master/rest_framework_swagger/templates/rest_framework_swagger/index.html?
@tuky sure, that would be awesome!
This is implemented via a hack in 1.11.0, together with other auth-related functionality.
Does not work in drf-yasg==1.12.1
. Still facing the same issue.
Following are my settings.
SWAGGER_SETTINGS = {
'SECURITY_DEFINITIONS': {
'api_key': {
'type': 'apiKey',
'name': 'HTTP_AUTHORIZATION',
'in': 'header'
}
}
}
Neither works on 1.11.0
It works on drf-swagger. Checked.
You have to enable the related settings.
It works on drf-swagger. Checked.
I don't understand what that means.
You have to enable the related settings.
I had the same issue using token auth, and with this settings i can solve.
SWAGGER_SETTINGS = {
'SECURITY_DEFINITIONS': {
'api_key': {
'type': 'apiKey',
'in': 'header',
'name': 'Authorization'
}
},
'REFETCH_SCHEMA_WITH_AUTH': True,
}
drf-yasg 1.17.0
Thank you!
Hello, Im having two issues , I'm trying to reproduce the reload page that django rest swagger does when I authorize with a security definition: type: "apiKey", name: "Authorization", in:"header" in settings. But in drf-yash I couldnt get that refresh so I can't get the endpoints that have some permissions based on authorization token.
is this an expected behaviur or i am doing something wrong? and if so how can I get the reload behaviur so I can get the endpoint that has permissions based on token