Updated Swagger config to prevent requesting external schemas (#4590)
* Initial Swagger UI override

* Removed Swagger URL field

---------

Co-authored-by: Nicholas Long <[email protected]>
axelstudios and nllong authored Mar 29, 2024
1 parent a73eb13 commit 89aad7b
Showing 2 changed files with 94 additions and 1 deletion.
2 changes: 1 addition & 1 deletion config/settings/common.py
Expand Up @@ -97,7 +97,6 @@
'django_extensions',
'django_filters',
'rest_framework',
'drf_yasg',
'oauth2_provider',
'oauth2_jwt_provider',
'crispy_forms', # needed to squash warnings around collectstatic with rest_framework
Expand All @@ -114,6 +113,7 @@
'seed',
'seed.lib.superperms.orgs',
'seed.docs',
'drf_yasg', # `drf_yasg` must come after `seed` to use the custom swagger-ui template
)

# Added by Ashray Wadhwa (08/19/2020)
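Review bot: The Swagger UI template override now depends on `'drf_yasg'` staying below `'seed'` in INSTALLED_APPS, and only the inline comment guards that ordering. If the tuple is later re-sorted, the stock drf-yasg template would presumably be picked up again and the URL field would come back without any error. Consider a small regression test that renders the API docs view and asserts the response contains `swaggerUiConfig.layout = 'BaseLayout'`. Alternatively, placing the override in a directory listed in the `DIRS` option of `TEMPLATES` would make it win regardless of app order. The INSTALLED_APPS tuple starts outside the visible hunks.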
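--- a/seed/templates/drf-yasg/swagger-ui.html
+++ b/seed/templates/drf-yasg/swagger-ui.html
@@ -0,0 +1,93 @@
+{% load static %}
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8"/>
+<title>{% block title %}{{ title }}{% endblock %}</title>
+
+{% block extra_head %}
+{# -- Add any extra HTML heads tags here - except scripts and styles -- #}
+{% endblock %}
+
+{% block favicon %}
+{# -- Maybe replace the favicon -- #}
+<link rel="icon" type="image/png" href="{% static 'drf-yasg/swagger-ui-dist/favicon-32x32.png' %}"/>
+{% endblock %}
+
+{% block main_styles %}
+<link rel="stylesheet" type="text/css" href="{% static 'drf-yasg/style.css' %}"/>
+<link rel="stylesheet" type="text/css" href="{% static 'drf-yasg/swagger-ui-dist/swagger-ui.css' %}">
+{% endblock %}
+{% block extra_styles %}
+{# -- Add any additional CSS scripts here -- #}
+{% endblock %}
+</head>
+
+<body class="swagger-body">
+
+{% block extra_body %}
+{# -- Add any header/body markup here (rendered BEFORE the swagger-ui/redoc element) -- #}
+{% endblock %}
+
+<div id="swagger-ui"></div>
+
+{% block footer %}
+{# -- Add any footer markup here (rendered AFTER the swagger-ui/redoc element) -- #}
+{% endblock %}
+
+<script id="swagger-settings" type="application/json">{{ swagger_settings | safe }}</script>
+<script id="oauth2-config" type="application/json">{{ oauth2_config | safe }}</script>
+
+{% block main_scripts %}
+<script src="{% static 'drf-yasg/swagger-ui-dist/swagger-ui-bundle.js' %}"></script>
+<script src="{% static 'drf-yasg/swagger-ui-dist/swagger-ui-standalone-preset.js' %}"></script>
+<script src="{% static 'drf-yasg/insQ.min.js' %}"></script>
+<script src="{% static 'drf-yasg/immutable.min.js' %}"></script>
+<script src="{% static 'drf-yasg/swagger-ui-init.js' %}"></script>
+{% endblock %}
+{% block extra_scripts %}
+<script>
+swaggerUiConfig.layout = 'BaseLayout';
+swaggerUiConfig.filter = false;
+</script>
+{% endblock %}
+
+<a id="oauth2-redirect-url" href="{% static 'drf-yasg/swagger-ui-dist/oauth2-redirect.html' %}" class="hidden"></a>
+
+{% if USE_SESSION_AUTH %}
+<div id="django-session-auth" class="hidden">
+{% block session_auth_button %}
+{% csrf_token %}
+
+{% block user_context_message %}
+{% if request.user.is_authenticated %}
+<div class="hello">
+<span class="django-session">Django</span> <span
+class="label label-primary">{{ request.user }}</span>
+</div>
+{% endif %}
+{% endblock %}
+
+{% if request.user.is_authenticated %}
+<div class='btn authorize'>
+<a id="auth" class="header__btn" href="{{ LOGOUT_URL }}?next={{ request.path }}" data-sw-translate>
+{% block django_logout_message %}
+Django Logout
+{% endblock %}
+</a>
+</div>
+{% else %}
+<div class='btn authorize'>
+<a id="auth" class="header__btn" href="{{ LOGIN_URL }}?next={{ request.path }}" data-sw-translate>
+{% block django_login_message %}
+Django Login
+{% endblock %}
+</a>
+</div>
+{% endif %}
+{% endblock %}
+</div>
+{% endif %}
+</body>
+
+</html>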
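Review bot: Switching to `BaseLayout` in the `extra_scripts` block only removes the top bar that holds the URL input; it does not by itself stop Swagger UI from accepting a spec location through other configuration paths. Depending on the bundled swagger-ui-dist version, the UI may still honour spec-location settings passed in the page's query string, so it is worth confirming that and, where the bundled version supports it, adding `swaggerUiConfig.queryConfigEnabled = false;` next to the two existing assignments. A short template comment such as `{# BaseLayout drops the top bar so users cannot point the UI at an external schema (#4590) #}` would also record why these lines exist. Separately, the two `| safe` JSON script tags are emitted without escaping; Django's `json_script` filter would be the safer form if any of those values can ever be influenced by a request.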
