[英]How can I configure "HTTPS" schemes with the drf-yasg auto-generated swagger page?
I know in a traditional swagger YAML file, we can define the schemes with:我知道在传统的招摇 YAML 文件中,我们可以使用以下方式定义方案:
schemes:
- http
- https
//OR
schemes: [http, https]
However, how can I do the same thing with auto-generated swagger page with the drf-yasg
library?但是,如何使用
drf-yasg
库对自动生成的招摇页面做同样的事情?
Now, the generated swagger page only contains HTTP
schemes, but HTTPS
is missing.现在,生成的 swagger 页面只包含
HTTP
方案,但缺少HTTPS
。 I've tried set the DEFAULT_API_URL
in setting.py
to https://mybaseurl.com
, but it seems not to be working.我尝试将
setting.py
中的DEFAULT_API_URL
设置为https://mybaseurl.com
,但它似乎不起作用。
There is a solution.有一个解决方案。
When defining get_schema_view() in urls.py
, use this code:在
urls.py
中定义 get_schema_view() 时,使用以下代码:
schema_view = get_schema_view(
openapi.Info( ... ),
url='https://example.net/api/v1/', # Important bit
public=True,
permission_classes=(permissions.AllowAny,)
)
Note: You can either use https or http because of that better use this solution with an environment variable for different setups.注意:您可以使用 https 或 http,因为这样可以更好地将此解决方案与环境变量一起用于不同的设置。
To use both http and https schemes in swagger you can extend OpenAPISchemaGenerator
from drf_yasg.generators
.要在 swagger 中同时使用http和https方案,您可以从
drf_yasg.generators
OpenAPISchemaGenerator
class BothHttpAndHttpsSchemaGenerator(OpenAPISchemaGenerator):
def get_schema(self, request=None, public=False):
schema = super().get_schema(request, public)
schema.schemes = ["http", "https"]
return schema
So now you can use it as generator_class
for get_schema_view()
所以现在你可以将它用作
get_schema_view()
的generator_class
schema_view = get_schema_view(
openapi.Info( ... ),
public=True,
generator_class=BothHttpAndHttpsSchemaGenerator, # Here
permission_classes=(AllowAny,)
)
Put放
url='https://your_server_address/'
in the get_schema_view() function with a URL.在带有 URL 的 get_schema_view() 函数中。
Another way to have https
scheme in swagger page is to use SECURE_PROXY_SSL_HEADER
configuration.在 swagger 页面中使用
https
方案的另一种方法是使用SECURE_PROXY_SSL_HEADER
配置。
Assuming that your Django REST API is sitting behind an Nginx that is doing SSL termination, you can let the Nginx forward X-Forwarded-Proto: https
to your Django application (Nginx might already forward this header by default depending on how you set things up).假设您的 Django REST API 位于执行 SSL 终止的Nginx后面,您可以让 Nginx 将
X-Forwarded-Proto: https
到您的 Django 应用程序(默认情况下,Nginx 可能已经转发此标头,具体取决于您的设置方式)。 With the configuration below, your Django application will realize that it is behind a SSL terminating Nginx, and Django's internal function is_secure()
will return True
when the header is present.通过以下配置,您的 Django 应用程序将意识到它位于 SSL 终止 Nginx 的后面,并且 Django 的内部函数
is_secure()
将在标头存在时返回True
。 Refer to Django SSL Settings . 请参阅 Django SSL 设置。
Once the is_secure()
returns True
, the swagger page scheme will automatically turn into https
.一旦
is_secure()
返回True
,swagger 页面方案将自动变为https
。
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
I like this approach since it does not require any hard coding url or even configuring url from environment variables.我喜欢这种方法,因为它不需要任何硬编码 url,甚至不需要从环境变量配置 url。 Additionally, the
is_secure()
function is used internally in other place as well so it is desirable to have the function work as it idealy should.此外,
is_secure()
函数也在其他地方内部使用,因此希望该函数按理想状态工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.