Always vary cached schema on Cookie and Authorization

This is needed to play nice with session auth on the schema view and with CurrentUserDefault.
axnsan12 · Jan 2, 2018 · f81795d · f81795d
1 parent caa397b
commit f81795d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/README.rst b/README.rst
@@ -251,9 +251,9 @@ caching the schema view in-memory, with some sane defaults:
 * caching is enabled by the `cache_page <https://docs.djangoproject.com/en/1.11/topics/cache/#the-per-view-cache>`__
   decorator, using the default Django cache backend, can be changed using the ``cache_kwargs`` argument
 * HTTP caching of the response is blocked to avoid confusing situations caused by being shown stale schemas
-* if `public` is set to ``False`` on the SchemaView, the cached schema varies on the ``Cookie`` and ``Authorization``
-  HTTP headers to enable filtering of visible endpoints according to the authentication credentials of each user; note
-  that this means that every user accessing the schema will have a separate schema cached in memory.
+* the cached schema varies on the ``Cookie`` and ``Authorization`` HTTP headers to enable filtering of visible endpoints
+  according to the authentication credentials of each user; note that this means that every user accessing the schema
+  will have a separate schema cached in memory.
 
 4. Validation
 =============

diff --git a/src/drf_yasg/views.py b/src/drf_yasg/views.py
@@ -94,8 +94,7 @@ def apply_cache(cls, view, cache_timeout, cache_kwargs):
 
             Arguments described in :meth:`.as_cached_view`.
             """
-            if not cls.public:
-                view = vary_on_headers('Cookie', 'Authorization')(view)
+            view = vary_on_headers('Cookie', 'Authorization')(view)
             view = cache_page(cache_timeout, **cache_kwargs)(view)
             view = deferred_never_cache(view)  # disable in-browser caching
             return view