Add PUBLIC_SWAGGER configuration option

Swagger metadata are by default opened to unauthenticated users.
Add a configuration option to be able to only expose them to
authenticated users.

Even though it's only the metadata (and not read or write operations)
public Netbox instances attract a significant amount of "Google traffic"
and people experimenting with the API, slowing down Netbox.

An alternative would be to disable it by default (and not configuration
option) to keep the config more learn, but this might be a breaking
change for existing users.

docs/configuration/miscellaneous.md

@@ -180,6 +180,14 @@ When determining the primary IP address for a device, IPv6 is preferred over IPv
 
 ---
 
+## PUBLIC_SWAGGER
+
+Default: True
+
+Swagger exposes by default the schemas to unauthenticated users. Set this to False to only expose them to authenticated users.
+
+---
+
 ## QUEUE_MAPPINGS
 
 Allows changing which queues are used internally for background tasks.

netbox/netbox/configuration_example.py

@@ -190,6 +190,9 @@ PLUGINS = []
 #     }
 # }
 
+# Expose the SWAGGER UI schemas to unauthenticated users
+PUBLIC_SWAGGER = True
+
 # Remote authentication support
 REMOTE_AUTH_ENABLED = False
 REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'

netbox/netbox/settings.py

@@ -653,6 +653,7 @@ SPECTACULAR_SETTINGS = {
     'VERSION': VERSION,
     'COMPONENT_SPLIT_REQUEST': True,
     'REDOC_DIST': 'SIDECAR',
+    'SERVE_PUBLIC': getattr(configuration, 'PUBLIC_SWAGGER', True),
     'SERVERS': [{
         'url': BASE_PATH,
         'description': 'NetBox',