10

I followed the instructions in the docs. So here's my view:

from rest_framework.decorators import api_view, renderer_classes
from rest_framework import response, schemas
from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer


@api_view()
@renderer_classes([OpenAPIRenderer, SwaggerUIRenderer])
def schema_view(request):
    generator = schemas.SchemaGenerator(title='Bookings API')
    return response.Response(generator.get_schema(request=request))

And I added the following to my urls.py:

url(r'^docs/', views.schema_view),

When I went to the /docs/ page of my project, I got the following error:

401 : {"detail": "Authentication credentials were not provided."} http://127.0.0.1:8000/docs/?format=openapi

In the browser console I got this message:

Unable to Load SwaggerUI init.js (line 57)

When I set the permission_classes of my schema_view to AllowAny, I was able to view my api docs. However, I'm not sure if this is the right way of doing this. Isn't there a way to login as an admin, or any other user to view the docs. Also, how do I provide the auth tokens when viewing this in the browser? Maybe I missed something in the docs.

Melvic Ybanez
  • 1,893
  • 4
  • 19
  • 26

2 Answers2

20

I think I've found the solution.

In the settings.py, I added the following settings:

SWAGGER_SETTINGS = {
    'SECURITY_DEFINITIONS': {
        'api_key': {
            'type': 'apiKey',
            'in': 'header',
            'name': 'Authorization'
        }
    },
}

Then when I load the page, I just click on the Authorize button at the upper right and enter this value in the value text field:

Token <valid-token-string>

However, I still needed to set the permission class of the schema view to AllowAny. The auth token just let me switch from different users, allowing me to view different set of endpoints.

Melvic Ybanez
  • 1,893
  • 4
  • 19
  • 26
  • 1
    Thank you very much man, this is the end of 2 hours investigation – MaxBlax360 Apr 10 '18 at 13:51
  • 3
    In version 2.2.0 of django swagger, is there a bug with Authorize button. Downgrade to version 2.1.2 the problem is fixed. – Diego Puente Oct 04 '18 at 06:22
  • 1
    @Melvic Is there any way to append the "Token " string to the token value? I am creating swagger specifications to be used to generate C# client using codegen, so am stuck there. – Swapnil Sawant Dec 01 '20 at 19:21
1

Isn't there a way to login as an admin, or any other user to view the docs.

If your only use token authentication, first create tokens for your users, then access the resources by setting the header

curl -X GET http://127.0.0.1:8000/api/example/ -H 'Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b'
Windsooon
  • 6,864
  • 4
  • 31
  • 50
  • 1
    I do that when I call my serivces. However, isn't the swagger UI supposed to be accessed in the browser, not using cURL or Postman? – Melvic Ybanez Sep 17 '16 at 14:17
  • I'm not familiar with swagger, I don't know if `swagger UI supposed to be accessed in the browser` without use SessionAuthentication. But you can also enable SessionAuthentication in DRF. – Windsooon Sep 17 '16 at 14:23
  • My API services use token authentication. The Swagger plugin is only there to generate the api docs. So it should be accessed in a browser AFAIK. I can't just change my API design to `SessionAuthentication` just so I can login to Swagger or something like that. – Melvic Ybanez Sep 17 '16 at 14:26
  • answer should be swagger specific only. – PyThon May 10 '17 at 10:54