Closed shivangpatel closed 4 years ago
Personally, I disable the Swagger UI in production. Here's how I do it:
api = Api(
title="My Awesome API",
version=VERSION,
prefix=f"/api/{VERSION}",
doc="/" if os.getenv("FLASK_ENV") == "development" else False,
)
@amickael thanks for positive response. I will try it. Currently in production I am using NGINX basic auth for that url. It's working...
Anyway againg thanks.
My default path for swagger-UI is
/api/doc
. So, anyone who hit this url in browser, they can easily access this swagger-UI ! So, how can I protect this specific URL only. And suggest all possible ways.