The types of available authentication include:
BasicAuthentication
: This class provides an HTTP basic authentication against a username and a password.SessionAuthentication
: This class works with Django’s session framework for authentication.TokenAuthentication
: This class provides a simple token-based authentication. The request must include the token generated for a user as the value for theAuthorization
HTTP header key with the'Token '
string as a prefix for the token.
We shouldn’t use an HTTP basic authentication or a simple token-based authentication over plain HTTP in a production environment.
Permissions use the authentication information included in the request.user
and request.auth
attributes to determine whether the request should be granted or denied access. Permissions allow us to control which types of users will be granted or denied access to the different features, methods, resources, or resource collections of our RESTful Web Service.
Install DRF:
Enter your virtualenv
cd project
. venv/bin/activate
Install DRF:
pip3 install install djangorestframework
Now in settings.py, add to INSTALLED_APPS:
INSTALLED_APPS = [
...
'rest_framework',
'rest_framework.authtoken', # Token authentication
]
Also add an object:
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
'PAGE_SIZE': 10,
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
),
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
}
Apply any necessary migrations with:
./manage.py migrate
My models.py:
from django.db import models
from django.utils import timezone
# Create your models here.
class ShortLink(models.Model):
id = models.AutoField(primary_key=True, unique=True)
short_link = models.CharField(max_length=15, unique=True)
long_link = models.CharField(max_length=500, unique=True)
created_at = models.DateTimeField(default=timezone.now)
modified_at = models.DateTimeField(default=timezone.now)
owner = models.ForeignKey(
'auth.User',
related_name='shortlinks',
on_delete=models.CASCADE)
def __str__(self):
return self.short_link
In urls.py:
from django.urls import include, path
from rest_framework import routers
from rest_framework.authtoken.views import obtain_auth_token
from . import views
router = routers.DefaultRouter()
urlpatterns = [
path('', include(router.urls)),
path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
path('api-token-auth/', obtain_auth_token, name='api_token_auth'),
]
Add your Serializer to serializers.py:
from django.db import models
from rest_framework import serializers
from shorten.models import ShortLink
class ShortLinkSerializer(serializers.ModelSerializer):
class Meta:
model = ShortLink
fields = [
'id',
'short_link',
'long_link',
'created_at',
'modified_at',
]
Add your view to views.py:
from django.shortcuts import render
from rest_framework import viewsets
from shorten.models import ShortLink
from .serializers import ShortLinkSerializer
# Create your views here.
class ShortLinkViewSet(viewsets.ModelViewSet):
queryset = ShortLink.objects.all()
serializer_class = ShortLinkSerializer
Joel G Mathew, known in tech circles by the pseudonym Droidzone, is an opensource and programming enthusiast.
He is a full stack developer, whose favorite languages are currently Python and Vue.js. He is also fluent in Javascript, Flutter/Dart, Perl, PHP, SQL, C and bash shell scripting. He loves Linux, and can often be found tinkering with linux kernel code, and source code for GNU applications. He used to be an active developer on XDA forums, and his tinkered ROMS used to be very popular in the early 2000s.
His favorite pastime is grappling with GNU compilers, discovering newer Linux secrets, writing scripts, hacking roms, and programs (nothing illegal), reading, blogging. and testing out the latest gadgets.
When away from the tech world, Dr Joel G. Mathew is a practising ENT Surgeon, busy with surgeries and clinical practise.