Write an API for Almost Anything (or The Amazing Power and Flexibility of Django Rest Framework)


Formal Metadata

Write an API for Almost Anything (or The Amazing Power and Flexibility of Django Rest Framework)
Title of Series
Part Number
Number of Parts
Mays, Charlotte
Confreaks, LLC
CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
DjangoCon US
Release Date

Content Metadata

Subject Area
This talk will feature a few off-the-beaten-path applications of APIs. Since the combination of Django and DRF makes it so easy to get a simple API running, it becomes a very powerful, flexible, and expandable tool for a variety of uses. The only thing these applications may have in common is their need to share data across the web. Whether you have not yet tested the waters of Django Rest Framework or you are a DRF veteran, this talk will inspire you to think both big and small when considering its potential uses.
Computer animation Software framework Sound effect Power (physics)
Area Slide rule Computer programming Presentation of a group Information Software developer Home page Computer program Code Interface (computing) Set (mathematics) Interface (computing) Computer programming Local Group Local Group Computer animation Linker (computing) Web-Designer Term (mathematics) Software Self-organization
Complex (psychology) Scheduling (computing) Context awareness Building Code Java applet State of matter Multiplication sign Client (computing) Perspective (visual) Web 2.0 Plane (geometry) Single-precision floating-point format Software framework Information Aerodynamics Physical system Broadcast programming Building Software developer Web page Functional (mathematics) Web application Arithmetic mean Software framework Quicksort Resultant Web page Server (computing) Real number Power (physics) Template (C++) Term (mathematics) Software Scripting language Data structure Subtraction Game theory Context awareness Multiplication Information Scripting language Gender Java applet Code Client (computing) Set (mathematics) Cartesian coordinate system Local Group Word Computer animation Function (mathematics) Game theory Separation axiom
Mobile app Game controller Greatest element Identifiability Serial port Computer file Model theory View (database) Scientific modelling Field (computer science) Template (C++) Medical imaging Database Software framework Router (computing) Physical system Information View (database) File format Building Gender Electronic mailing list Instance (computer science) Cartesian coordinate system Uniform resource locator Computer animation Software framework Self-organization Quicksort Local ring Separation axiom
Serial port View (database) Building Scientific modelling View (database) Set (mathematics) Subset Word Computer animation Personal digital assistant Query language Software framework Self-organization Software framework Object (grammar) Data type Subtraction Social class
Default (computer science) Namespace Building Scientific modelling View (database) Gender Line (geometry) Functional (mathematics) Uniform resource locator Medical imaging Computer animation Personal digital assistant Software framework Software framework Data structure Router (computing) Subtraction Router (computing)
Reading (process) Mobile app Serial port View (database) Patch (Unix) Scientific modelling 1 (number) Coma Berenices Field (computer science) Number Goodness of fit Linker (computing) Software framework Information Data structure Subtraction Operations research Namespace Electronic mailing list Sampling (statistics) Instance (computer science) Line (geometry) Functional (mathematics) Software development kit Uniform resource locator Computer animation Self-organization Reading (process)
Reading (process) Group action Set (mathematics) View (database) Scientific modelling Authentication File format Parameter (computer programming) Template (C++) Power (physics) Usability Uniform resource locator Mathematics Computer configuration Military operation Operator (mathematics) Energy level Software framework Information Data structure Authentication Information View (database) File format Gender Software developer Sound effect Usability Parameter (computer programming) Instance (computer science) Group action Cartesian coordinate system Computer configuration Computer animation Software framework Reading (process)
Uniform resource locator Inclusion map Mathematics Computer animation Function (mathematics) Sampling (statistics) Control flow Software testing Software framework Software testing Information
Point (geometry) Code Length Equaliser (mathematics) Scientific modelling View (database) Sheaf (mathematics) Regular graph Attribute grammar Software testing Software framework Information File format Namespace Gender Electronic mailing list Sampling (statistics) Sound effect Set (mathematics) Instance (computer science) Functional (mathematics) Uniform resource locator Summation Sample (statistics) Computer animation Personal digital assistant Dependent and independent variables Software testing Right angle Object (grammar) Reverse engineering
Scheduling (computing) Group action Serial port Scientific modelling Multiplication sign Direction (geometry) Source code Parameter (computer programming) Mereology Information privacy Reinforcement learning Formal language Software framework Information Area Spacetime File format Software developer Instance (computer science) Functional (mathematics) Twitter Entire function Connected space Order (biology) Software framework Quicksort Data type Point (geometry) Slide rule Mobile app Web browser Local Group Revision control Authorization Theorem Integer Subtraction Authentication Information Gender Projective plane Set (mathematics) Cartesian coordinate system Local Group Table (information) Uniform resource locator Software Personal digital assistant Query language Factory (trading post) Formal grammar Spectrum (functional analysis)
Coma Berenices
over and the long and the
and the way in knowledge
and I
never hear me OK great effect so I'm going to talk about writing API for
almost anything I am as as a set of web developer at cactus groups I am 1 of the organizers of the pilot his group in our area and most importantly for this talk I am a builder and user of API I the like to follow my slides the link is here and I will also have that link again at the end of the presentation so if you just want to reference later where you can get at the end
so which surprise start by defining the terms what exactly is an API what stands for application programming interface but inadvertently on is that probably doesn't give you any more information you had before has more importantly it is coded that lets to software programs communicate with each other that's the really key piece about what an API and that's what makes it both powerful and useful
so we like MPIs because they give us flexibility once you've got an API and planes you got access all basic functions are reading your data updating your date etc. Our without the entire structure of what you expect the workflow to be and so that gives you flexibility to be able to do different kinds of things they also getting more access obviously we think of API is largely in terms of users being able access directly but you also can use an API internally and make it not even expose it to the outside world but use it with 2 different pieces of code on 1 server or on 2 different servers that just talk to each other and so that you have better access to your own systems and you can also use this for future-proofing if you want to get an API and place that gives you the ability when suddenly a customer has them and need right now and go do something a little different you've got an API and place the gives you that flexibility again makes it easier to implement new things without as much complexity
so did example of when an API might come in handy I have a friend is a real story massage therapist who needed his scandal information to be shareable without the client information attached to basically what times yet appointments without the client names His Scantlings after while a lot of things that that new that's but it did have an API so we were able to put together a small script they can pull that schedule information via the API strip out the client information and then post that appointment information up to add shareable calendar the API in other words made it possible for him to create an otherwise non-existent feature from the perspective of a user not a developer a Yeltsin can use API for non web applications as mentioned this briefly we often think of Django as as being a web framework and that as its primary purpose but that doesn't mean that its power and flexibility is limited to the web and as an example I gave a talk at a game conference about how this could be used to create a game back so that the front and the user experience the game play can all be done without having to worry about the shared state of the game for Multi Layer I packed application agency that code up on my get have he also can use API is for internal separation of code within your own applications modern applications are heavily reliant on Java scripts to be highly interactive and responsive and and so that requires JavaScript and you can use API separator jingo code from your JavaScript which results in having cleaner code because you don't have that all tangled together in spaghetti code and also makes it easier to use like JavaScript frameworks that again may often be built around building a single page act which isn't quite the waging a templates work so if you have your code build with an API you can have that JavaScript framework built as a single page out and they can retrieve the data in context that it needs a simple API requests and again this can be on the same server so you're not really dealing with the sort of latency here I said how do we do that there are a lot of ways to build API and a lot of packages available to do it in this talk is going to focus on gender arrest framework generous frameworks sits nicely on top of existing gender code and has a very thorough feature set and cactus group uses gender as framework all the time we likely enough we actually even sponsor it when we show you why so here's the
anatomy averaging arrest framework API at the bottom here you've got your existing gender models which agenda takes care of your database all that sort of thing on top of that the next layer you've got is your serializer this is a piece of generous framework that is just go take your model information and pass it into a format it's going in both directions so that the views that can work with the use is the next layer here and that is why it handles OK and my creating a new instance and my updating in at 50 you just want a list of the instances the you set handles figuring out what information needs to either come out of the database or go into the database and control that and then the last thing on top of that is the router and that's what handles the actual access via the URL so where do we put these things this is my convention I like to have a file called is this all it within my application within my app with imaging out and identify local serializer stopped that has my serializes and I like to put my view sets directly interviews up high if you want separation if you're still using Django templates and not separation you can also put this into a file called API that I would work just fine that way too and then the router is gonna go right into your Urals stuff I this can be inside the apple or it can be your global URL that I either way all right so let's start at the bottom and talk about the serializer so
this is the serializer isn't it and so we're going to import serializes for rest framework organ importer model for models file were going to create a serializes just subclassing Virginia URIs framework model serializes given a metaclass tell what the model is Intel of fields and 1 included In the field that's not listed here the API system ignore since you have private internal fields you leave serializer and they will be exposed now let's move up a step in a
letter to the set so an import that
view set organ importer model again and on an import deserializer that we just created then organize again SubClassOf the model set from Genghis framework tell what query set as in this case I'm just using all of the objects that I have for my model you could do different view sets for different types of few different subsets of your data if you wanted to have different functionality but but in this example words can use all at and then you tell what serializer classes from your serializer the recreated and
finally looks but the router on top and this is done
and that's just right within your existing gender Urals because I have a convention that I liked import the views as a namespace to things because if you stop putting enormous especially if you put this in a global URL style but either way it makes it much easier to read when you look down here we're going find a router rather equals routers debt default router that's just an initialize it using imaging arrest framework rather structure and we're we're going to register our model with this a rather step rather got register or in a given name space and is giving it the name the model in this case but it can be anything and then you're gonna tell whether the set as generous framework will take care of passing the different U R L's and the different and methods that need to happen here and then we just have to include are out about your else if you had other models other view sets that you were importing you just the annex to register line free to those the rest of this would stay the same way Island at the very bottom here about 1 other thing it's handy to have on there and is the API also which gives you access to the generous framework built and browsable API seeking click around and see what the functionality great ideas for learning the structure right so
when we're accessing the API our API structure is typically done using the crowd acronym create read update and delete and were any specific age to be methods so that generous framework knows what we're trying to accomplish so they're trying to create an instance we're going to post what we're trying to read either get a list of good detail view were going to get for update organ is either put or a patch the big difference between these is put is then expect all of the fields just as if you're doing a post whereas catch will just take whatever fields you gave me an innocent those are the ones that change and everything else and so we all at once and then finally delete uses the aged delete method yeah there are more HTTP methods than this but these are all you need know about for this particular functionality the so
just to give you a few examples and reprinting our register line from the Urals step I here seating reference the only thing that we really need reference here the my model namespace that we gave it so this is then translate into if I do I get http request to my app . com slash my model is going to give me a list of the instances as can be based on that serializer if I do opposed to that same URL to stat . com slash my model and it's going create a new it's it's it's going to expect me to be passing the data to train a new instance I have I do get to my model slash and ID number then it's gonna get me the details for the answers has that ID if I do it delete that same detail URL then it's going to delete that answers these are not is not exhaustive list of the ways you can it is just a sample to be an idea of how this works out more detail can be found at dangerous frameworks documentation a link to here so it's
going users doing all this maybe you don't want your users directly having access to delete instances where's the options you can either put a layer of authentication on top I that layer of authentication will use the same application as you Django user model and so if you want to restrict access you can restrict access exactly the same we've already got a restricted on your templates and so on and so whenever a user doesn't have access to normally they will have access to through generous framework you also can this just read-only view sets gender has built in read only the effect so if you want to what people access information but not update anything or delete anything that's a one-line change from what I just showed you and you cannot specific actions so maybe the only thing you don't want users doing is the leading you can just restrict to that specific action at the views set level and all this information again generous framework has fantastic documentation about how to customize all these different things when you try to give you an idea of what the power of this is speaking of
documentation your API will need documentation because nobody's variable make use of it if they don't have any documentation of this is due usability even if you're only using it internally your developers will thank you if you have documentation I but there's a very specific structure that we need here is this isn't going to be highly variable because this API we constructed the same way over and over again you'll need to give the URL in HDP method what operations performed when you hit that you URL with that method what parameters it expects to receive and what data format will be repaired generous framework will do this for you to so you
can just create a docs URL in your your else that time and do include . si or else imported straight from generous framework and it will create your API documentation at that URL and you often rendered yeah the I hope that you
also were sitting here thinking about how like trust this because we all should be just the ago and and that also is easy with best so I automated Test give you the ability to set it and forget it they get run when you run your regular tests we and if something breaks for some reason then I'll catch it I'm Tassiulas cannot to highlight changes that should be reflected documentation if you have done any custom documentation so here's some sample
tests and in this case I'm using the API test case that comes with generous framework is built on the Django test cases very very similar you can also use the gender test case directly if you don't wanna try to 1 something new but there's very little that's different from between this and if you use the gender test case directly and so I have a set of function here where I defined my URL and doing a reverse on my model dot-dash list that's going to give me that base URL this is the name space that arrest framework gives to it I'm just as if you had put a name equals in regular URL then understand create some instances for the purposes of my testing Sam's gonna run through and create a couple of instances and then and I've got a test list you here so now I'm going to go itself that why not just like I would in regular Jenga test case point at the URL tell the format is Jason because this all jason I'm and then I'm going to do a minister equal that their response status code is a 200 because is a yet so I'm expecting I'm not creating anything they should just give me a 200 back and I'm in a certain that the length of response that data is 3 in response to date is 1 of those little things that you get with the rest framework test case that you don't get directly with the gender test case and that's just gonna pull out the data section specifically from the response and so I can just make sure the 3 objects In that response the canal to check and make sure that the data is looking like you'd expect it to work I'm but I want to keep things simple for purposes of us a a couple more
samples testing creation is very similar in this case and checking to make sure I get a 2 0 1 because it will have created an object again you can also check to make sure that the attributes are what you expect at this point and then testing the detail view I'm I'm showing is primarily because I wanna show you how I would the effect that URL sums grabbing any 1 of the objects that created just spreading first one comes out of the database at random i and then creating maybe to detail URL by slapping that ID on the end of it and I can do the exact same thing just itself that point that get at what's now my detail URL and again make sure that I get a 200 response right so
that is it we have just built an entire API on top of presumably some Django application area so your homework is to think about what gender projects you have Y wanting a project you have development but you could add an API layer to they public information that is a fantastic place for an API because you'd be amazed of people can pull of public information of their collections of user data those users might want access to that data in different ways think back to that massage therapist example he wanted access to the data in a way that the original developers didn't anticipate if you can't think of a use for your data in an API format don't worry your users well and this is going to give you a competitive advantage because again think about them without their best example if he was using a scheduling software that didn't have an API that he needed this functionality here's a motivation for him to switch to 1 does have an API so you can have this functionality that not many people need but he needs enough that he is willing to pay for a custom softer solution so those little tiny edge cases that you don't wanna build out because only 2 people are ever going to use that somebody might use it via an API don't go to the effort of building it and then you are have that kind of lock-in going on because you've got that API that makes that possible so at this point I will take questions I've got some
resources here again as promised to be slide wing is in the middle if you want to look that up a reference later I'm going arrest framework documentation that example project I mentioned these slides cactus group and my on Twitter that as I walk to a question I ask 1 of my own I noticed you talking about the you know the browsability is an API OS does that mean that there's authentication implied on top of a 48 can authenticate and I think that if there's not an authentication layer that you can go directly to the API R L's I I have all of the cases when I use the browser like acting on when I did have not occasionally arise that was active interest here yes thank you of new sort I what was it is do you versioned URI URL spaces for these exported API is typically or do you have a use case for that screws with solution so you could version if you wanted to I would probably not recommended because you're gonna want to stay current with your app and so by building in this way it's just going to continuously track with your the only time I would try to version it is if there was a model that I was going to deprecate or something and then by versioning I could indicate OK yeah this particular URL set is going to go away and then therefore transition as the only use case I can think of off when you might wanna version and then in that case that ability register things would give you that ability to transition to a new set of your world early 3rd you talked about authentication about no authorization so if I have access to that get in doing that in I know my user ID is 1 of the historical parameter to include all of yeah so again you can look at the logged in user you have access to request a user just like you would in any other trying a request on a and you can have a method in that you said that says you know enough request a user does not equal the required here the users being asked for then permission denied and that is very easy to implement using that authorization hi I'm do this generous grammar play well with time due sources that aren't theorem but that's a good question I think it would I'm assuming he create something is standard for the serializer there is plenty of customization they can be on the serializer so I would think about how to do it would be few and customize the serializer to work with that data sources I and then that would pass it and the use that just as if it were any other serialized data set and that's how I would do it have you ever regretted exposing API to users of because they found something you really did more than a minor because they have been bombarded you with annoying questions I not ever had that experience I will say that in every case where authentication matters for any of the data I applied the application on the API as well I I think that's just solid you know there has been safety I in general that's not public data I would have that authentication layer and again it borrows off of the existing jingo authentication if uh model is going to throw for a 3 when the user requests a particular and since then gender assignment the same thing as long as you got the application turned on the is of 2 parts 1st the comment than a question in OK fine and this is why you talk was also among all the liberal look forward your reasoning absolutely killed all major started on a new project on working with an API incorporating with the j query data table anyway as for the question do you know any Django API projects that are using channels because I feel they both would work well again thanks again to say I have not actually work with you myself I it's something that's interesting but I haven't had a chance to play with so I can't really speak to that and I don't think it would work well but because channels are designed to maintain that open connection and the API is inherently asynchronous so I don't think that they would play well together the skin on are there in the past is any support for the use of the graphics seller some of the queried typed languages there are built on top of a you know API the true vanilla EPI With cried His DRF have been taught about integers already support something like the graphic seller the more dance querying type PPI so anything you can get your application to generate you can then expose 388 it'll be using a custom serializer generally again if it's not directly from a model but was all I've done is I've actually build an API and point that days you generated data it as opposed to the direct original data on so by using that custom serializer functionality you can get just about anything to go through your API portal fiction agreed talk and do you recommend something like mixer or factory boy in order to generate better models Rudistid yes absolutely I usually factory boy i'd edges direct creation of models in this case just because it was simpler I'm but I I usually spectrum poetry instances or the giver much thanks if the the


  504 ms - page object


AV-Portal 3.11.0 (be3ed8ed057d0e90118571ff94e9ca84ad5a2265)