Closed alokshenoy closed 1 year ago
Well I don't think this has anything to do with spectacular. What is the used authentication method? If you simply direct your browser there, I think nothing will work except for the automatic CookieAuthentication
. Sounds logical that you then don't have authentication in the template or the view for that matter. Also, SpectacularSwaggerView
will use your default auth method unless otherwise configured.
If you use the authentication button in SwaggerUI, that is a different story. We go the extra mile to re-request the schema with that auth, but that does not apply to the SwaggerUI endpoint itself.
fyi: swagger has a built-in topbar for different schema urls. e.g.:
SPECTACULAR_SETTINGS = {
"SWAGGER_UI_SETTINGS": """{
deepLinking: true,
displayOperationId: true,
persistAuthorization: true,
urls: [{url: "/api/schema/?version=v1", name: "version 1"}],
presets: [SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset],
layout: "StandaloneLayout",
}""",
}
ah! that makes sense. I had to update the auth classes to :
"DEFAULT_AUTHENTICATION_CLASSES": [
"knox.auth.TokenAuthentication",
"rest_framework.authentication.SessionAuthentication",
],
I'm currently overriding the default templates for swagger UI to include a navigation bar at the top. Since the api docs are secured by login using the following:
my
swagger_ui.html
uses{% if user.is_authenticated %} <show a> {% else %} <show b> {% endif %}
quite liberally, and I invariably seeb
instead ofa
.