Key Features of REST:
- Serialization: Allows automatic conversion of Django models to JSON and vice versa, enabling efficient data transfer between client and server.
- URL Routing: DRF provides URL routing similar to Django's router, which lets you associate URLs with their API views efficiently.
- Authentication: Offers various authentication schemes, including basic auth and token auth (session-based scenarios). Also supports JWT through third-party packages (stateless scenarios).
- Permission: Allows fine-grained control over user permissions.
- Throttling/Rate Limiting: Helps limit the number of requests a client can make within a certain period.
- Pagination: Provides built-in support for paginating larger datasets in API responses.
- Browsable API: Has a user-friendly HTML interface for testing and exploring APIs directly from the browser.
pip install djangorestframework
Add the app to INSTALLED_APPS in the settings as below:
'rest_framework'
The steps for defining an API are creating a serializer class (serializers.py), writing the views, and then binding the URLs.
DRF has built-in permissions used to secure the API. You can set the permissions at three levels:
- Project-level
- View-level
- Model-level
Project-level permissions are set in the single Django setting called REST_FRAMEWORK in the settings.py file.
Besides the default AllowAny policy, DRF has other built-in project-level permissions such as:
- IsAuthenticated: Access only for authenticated users
- IsAdminUser: Only admin/superuser access
- IsAuthenticatedOrReadOnly: Only authenticated users can perform CRUD; unauthenticated requests are read-only
REST framework has two main wrappers for views: @api_view (a decorator for working with function-based views) and APIView (a class for working with CBVs).