From fb8b146bc405798b43862d645125bb520488e03e Mon Sep 17 00:00:00 2001
From: allburov <allburov@gmail.com>
Date: Sat, 25 Nov 2023 20:30:36 +0700
Subject: [PATCH] [core] Add hide swagger doc

---
 docs/site/content/en/docs/how-to/security/index.md | 7 +++++++
 docs/site/content/en/docs/overview/changelog.md    | 1 +
 2 files changed, 8 insertions(+)

diff --git a/docs/site/content/en/docs/how-to/security/index.md b/docs/site/content/en/docs/how-to/security/index.md
index 4f593f62..392c6162 100644
--- a/docs/site/content/en/docs/how-to/security/index.md
+++ b/docs/site/content/en/docs/how-to/security/index.md
@@ -16,6 +16,7 @@ Either protect the API with [Api Key](https://www.fortinet.com/resources/cybergl
 firewalls.
 
 ## Swagger Security ![](/images/versions/plus.png)
+### Username and password
 If you want to hide the project Swagger panel under the password - run the following command to hide under `admin/admin`
 login and password.
 
@@ -29,6 +30,12 @@ Open http://localhost:3000/ and enter `admin / admin` in the inputs:
 
 {{< alert icon="👉" text="Protecting Swagger under the password does not protect your API from other request! Use both techniques to protect your API and Swagger!" />}}
 
+### Disable Swagger
+You also can hide swagger completely by setting `WHATSAPP_SWAGGER_ENABLED=false` environment variable.
+
+{{< alert icon="👉" text="Disabling Swagger does not protect the API, please use API security as well" />}}
+
+
 ## API security ![](/images/versions/plus.png)
 
 You can protect the API by requiring Api Key in a request's headers.
diff --git a/docs/site/content/en/docs/overview/changelog.md b/docs/site/content/en/docs/overview/changelog.md
index 0a1902bc..28baa2a5 100644
--- a/docs/site/content/en/docs/overview/changelog.md
+++ b/docs/site/content/en/docs/overview/changelog.md
@@ -21,6 +21,7 @@ You even can **subscribe to get new updates** there!
 
 ## 2023.11
 November 2023
+- Add `WHATSAPP_SWAGGER_ENABLED=false` so you can hide Swagger documentation (available only in Plus version). [#185](https://github.com/devlikeapro/whatsapp-http-api/issues/185)
 - Add dedicated `media` field in webhook payload - now you can know which media is attached to the message.
 ```json
 {