Search code examples
pythondjangodjango-rest-frameworkdjango-rest-auth

Creating an REST API Django

The first thing that I would like to say is that I have no previous experience with python and any framework python related. However, I have programming experience.

So, I want to create a REST API using python with frameworks django and djangorestframework. I have managed to create the database (using postgresql) and also managed to create the initial migration. However, I believe that that was the easiest part and I have some questions about the thing that I'm about to implement:

  1. First I want to create an authentication system. I saw that djangorestframework it's able to manage authentication by itself but I was not able to make it run. Can you please guide me to some good tutorials/provide code samples and briefly explain?
  2. After initial migration, I saw that django created some tables for authentication and session management by itself (auth_user, auth_user_groups, etc). Is there any way to use my own model for user? Also, i do believe that I wont need all the features that django offerrs (e.g auth_user_groups). Its there any way to remove those unwanted functionalities?
  3. I was able to create an API endpoint (by following a tutorial) that returns some data (based on a model, a serializer and a view created by me). However, as I want to create more API endpoints I have also to create a serializer and view for each model of mine (which might take a while). Is there any way to create a generic serializer and a generic view method so I don't need to write a specific serializer and a view method (e.g I would like to GET models by /api/books/book/:id, where book its just a placeholder for any model)?

P.S. If this post lacks any informations please let me know in a comment and I will edit this post.

Solution

  • Okay, let's see:

    1. Documentation is your best friend. This is especially true in case of Django which has great documentation. Generally, there are three ways to use authentication in Django:

      • Default User class (django.contrib.auth.user.models) just works out of the box.

      • You can extend it by creating other model (like Profile) and linking it via OneToOneField.

      • Alternatively, you can provide your own User class via subclassing (usually AbstractBaseUser) and registering it in Django's settings.

      • Finally, you can write completely custom backend.

      For customization guide consult this article.

    2. For the first part of the question see paragraph above. Regarding removing user groups: its probably possible (though I've never tried it), but I don't see much point. It has practically no overhead whatsoever while providing some useful stuff like staff/admin groups for Django's admin panel.

    3. Absolutely there is a generic solution. Just use generic API views. Again, I'm linking documentation. In short, you want to use subclasses of GenericAPIView class. For instance, let's say to want to list User objects under /users/ path:

      url(r'^/users/', ListCreateAPIView.as_view(queryset=User.objects.all(), serializer_class=UserSerializer), name='user-list')

      For your particular example you would use RetrieveAPIView. If you want to look it up with pk you don't even have to configure it.