Add config option to not expose SWAGGER schemas to unauthenticated users

[XioNoX]

NetBox version

3.2

Feature type

Change to existing functionality

Proposed functionality

Swagger metadata are by default opened to unauthenticated users. I'd like to add a configuration option to be able to only expose them to authenticated users.

Even though it's only the metadata (and not read or write operations) public Netbox instances attract a significant amount of "Google traffic" and people experimenting with the API, slowing down Netbox. This is a real world issue we're having at Wikimedia.

An alternative would be to disable it by default (and not configuration option) to keep the config more learn, but this might be a breaking change for existing users.

I already have a working change on https://github.com/XioNoX/netbox/commit/14472c0cf4bc48f066af6da1c8f8b05084bd78d4 (tested on 3.6) so I can send a PR if this is approved.

Use case

See above.

Database changes

None.

External dependencies

None.

[jeffgdotorg]

Thanks for the feature suggestion, and particularly for teeing up a working change set. Please go ahead and make a PR.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. NetBox is governed by a small group of core maintainers which means not all opened issues may receive direct feedback. Do not attempt to circumvent this process by "bumping" the issue; doing so will result in its immediate closure and you may be barred from participating in any future discussions. Please see our contributing guide.