How to disable admin-style browsable interface of django-rest-framework?

后端未结

关注

 3  1276

感情败类 2020-11-29 15:47

I am using django-rest-framework. It provides an awesome Django admin style browsable self-documenting API. But anyone can visit those pages and use the interface to add dat

3条回答

盖世英雄少女心 (楼主)

2020-11-29 16:08
You just need to remove the browsable API renderer from your list of supported renderers for the view.

Generally:
```
REST_FRAMEWORK = {
    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',
    )
}
```
Per-view basis:
```
class MyView(...):
    renderer_classes = [renderers.JSONRenderer]
```
Aside:

In many cases I think it's a shame that folks would choose to disable the browsable API in any case, as it's a big aid to any developers working on the API, and it doesn't give them more permissions that they would otherwise have. I can see that there might be business reasons for doing so in some cases, but generally I'd consider it a huge asset. Although, in some cases there may be details shown (like the names of custom actions) that a non-public API may not want to expose.

See also the answer below for more detail about restricting the browsable API renderer to development.
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...