How to disable admin-style browsable interface of django-rest-framework?

Question

Welcome To Ask or Share your Answers For Others

How to disable admin-style browsable interface of django-rest-framework?

asked Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

I am using django-rest-framework. It provides an awesome Django admin style browsable self-documenting API. But anyone can visit those pages and use the interface to add data (POST). How can I disable it?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

337 views

1 Answer

深蓝 · Answer 1 · 2021-10-17T00:56:09+0000

You just need to remove the browsable API renderer from your list of supported renderers for the view.

Generally:

REST_FRAMEWORK = {
    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',
    )
}

Per-view basis:

class MyView(...):
    renderer_classes = [renderers.JSONRenderer]

Aside:

In many cases I think it's a shame that folks would choose to disable the browsable API in any case, as it's a big aid to any developers working on the API, and it doesn't give them more permissions that they would otherwise have. I can see that there might be business reasons for doing so in some cases, but generally I'd consider it a huge asset. Although, in some cases there may be details shown (like the names of custom actions) that a non-public API may not want to expose.

See also the answer below for more detail about restricting the browsable API renderer to development.

Categories

How to disable admin-style browsable interface of django-rest-framework?

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags