django django-rest-framework jwt django-rest-auth django-rest-framework-jwt

Security in Django API

I have a sign up API for Django Rest FrameWork without authentication or any permissions. anyone that has access to the sign up API url can create an Account nonstop.My question is, is this secure?

Solution

If you implement the api without any type of security. Depending on what you let the user do with the api, which endpoints they can hit.

Is there any server side security?

You can implement Jason Web Token: simple JWT

You can check also django throttling : Throttling

You can also research on how to limit api calls from a device.

django: on pypy, psyco, unladen swallow or cpython, which one is the fastest?
Password Reset functionality inheriting from Django clases - reverse url issues ('uidb64')
how to log a file in Django
Using filters with model inheritance
How to render a pdf file as pdf in browser using django
django.db.utils.ProgrammingError: relation "bot_trade" does not exist
Django DRF: @permission_classes not working
How to prevent bleach from escaping > (blockquote) tag used in Markdown
how to solve django.db.utils.NotSupportedError in django
CSRF cookie error after Django 3.2 update (DRF with token authentication)
How to make an Inner Join in django?
Object of type ListSerializer is not JSON serializable
How to get the common name for a pytz timezone eg. EST/EDT for America/New_York
How to serialize user permissions in Django Rest Framework?
Fatal Python error: init_fs_encoding: failed to get the Python codec of the filesystem encoding, when trying to start uwsgi
Error attempting to deploy my Django app on Vercel
Complex query using Django QuerySets
How to call asynchronous function in Django?
Django Sitemaps : Get only pages of the current website
How to manage.py loaddata in Django
'Invalid filter: 'length_is' Error in Django Template – How to Fix?
How to call OneToOneField reverse relationship in template (django)?
Django Rest Framework POST Update if existing or create
Django: get current manage.py command
Change Django ModelChoiceField to show users' full names rather than usernames
How to do aggregate raw sql with julian date in sqlite (with django)
Django send excel file to Celery Task. Error InMemoryUploadedFile
Monitoring django rest framework api on production server
Interactive Graphviz graphs in a web application
Django: Not Found static/admin/css