I finally finished the Django Rest Framework Tutorial. It’s my second time through it, but the first time, I didn’t really grok much of it. This second time through, I didn’t skim over anything. Instead, I read the code, read the Django docs, read the Django code, and took a lot more time and effort to understand what’s going on. My comprehension isn’t full, but it’s pretty good now.
It’s a very good tutorial: it’s dense, and each lesson builds on the previous one. You need to study Django if you don’t already know it, because it assumes you know Django-style models and views. All my experience with Django was toy programs and some tweaks to sites, so deeper study was required.
The final code is very short. The tutorial starts with simple code, and then introduces the basics, building up a fair amount of code. Then, it replaces the code with shorter code that use classes and functions that automatically implement the usual generic behaviors we expect of RESTful APIs.
This post will list these classes and functions, “backwards” from the most “automatic” to the most “manual.”
DefaultRouter() – wires up viewsets to the usual routes
ViewSets – creates the usual CRUD actions based on a queryset, serializer_class, and permission_classes
@detail_route – adds a route to a detail view
@api_view – identifies the main view for the API
GenericAPIView – abstract class with get, post, etc. to define
HyperlinkedModelSerializer – puts URLs in place of PKs
url pattern names – an URL-and-classname-independent naming scheme that enables links to be “reversed”
reverse – a function to turn a url pattern name into a url
ModelSerializer – a generic seralizer that reads from the Meta inner class for values for model and fields
ListAPIView – takes a serializer_class and a queryset, and produces a list
RetrieveAPIView – produces a detail
These Views take care of things like the data format (JSON, API, etc)
permission_classes – a kind of declarative-ish system to encapsulate and identify complex permission logic, via classes.
User – a built-in user class
rest_framework.urls – a library that has the login and logout features. add to the urlpatterns, put it into the rest_framework namespace. (This is a built-in login and logout that works with the User class. It can work via the traditional HTTP Auth system.)
GenericAPIView – adds the common views provide get, post, put, delete, etc. other http verbs.
Response(serializer.data) – takes serializer data and turns it into json, html, etc.
ListModelMixin – code to make lists, provides list()
CreateModelMixin – provides create()
RetrieveModelMixin, UpdateModelMixing, DestroyModelMixing – ditto
APIView – root class of all APIViews, and doesn’t include abstract methods. Use to create class-based views.
@api_view – decorator for function-based views. params define which http verbs are handled.
Request – encapsulates all types of requests
Response – handles content negotiation, turns python data structures into json, yaml, etc.
patterns, url – structure to hold the url routing information and dispatch code
Model – django models, an abstraction to the database layer, providing object creation as well as filtering and some relational functionality
Serializer – turns a model into a generic data structure in python
ModelSerializer – a generic way to make serializers for regular models
@csrf_exempt – prevents the output from being sent through a CSRF sanitizer
If your application is pretty generic, your code will look like the 6th tutorial. If it’s more complex and nonstandard, it’ll be like 3 or, even 2 or 1.