using the Swagger-UI adds an additional "/api" to the request URL and is missing auth type in header

[zeddD1abl0]

NetBox version

v3.5.0

Python version

3.9

Steps to Reproduce

1. Go to the Swagger UI for the API (https:///api/schema/swagger-ui/)
2. Authorize using token to activate testing with Swagger UI
3. On any resource, attempt to use the Swagger UI

Expected Behavior

Swagger should be able to perform the action as expected by the API request used. It should be able to display the response from the request made.

Observed Behavior

The URL for the request that Swagger generates has another "/api" in the path. Also, the "Authentication" header is missing the "Token " preceding the token string itself.

For Example:

curl -X 'GET' \
  'https://netbox/api/api/dcim/devices/?id=1' \
  -H 'accept: application/json' \
  -H 'Authorization: <token>'

Results in the default "Page not Found" error page

The following does work

curl -X 'GET' \
  'https://netbox/api/dcim/devices/?id=1' \
  -H 'accept: application/json' \
  -H 'Authorization: Token <token>'

[jeremystretch]

I was able to correct the base path in the 12410-openapi-fixes branch, however I'll need to dig more into resolving the missing token prefix for the authorization header. The drf-spectacular documentation suggests using OpenApiAuthenticationExtension to override the header, however this is the default format employed by DRF so I'm surprised it doesn't work out of the box.

[arthanson]

"Token" needs to be added when you enter the authentication details in the api/schema Authorize dialog (see screenshot below) if you do enter "Token xxx..." it works correctly. Not sure why spectacular does it this way, seems like they should be able to auto-generate that, but it is by design in spectacular.

[jeremystretch]

Given that this isn't technically a bug, and that it's a separate issue from the base path problem, I'm going to close this as resolved by my work in the 12410-openapi-fixes branch. That said, I'm happy to entertain a separate FR with a proposal to improve the Swagger UI to make the authorization process more intuitive.