I'm using DJANGO REST FRAMEWORK to protect my API. Django Throttling that limits the number of requests on an API for Anonymous and authenticates Users.
The throttling is not working on production mode. By the way, I'm using Ubuntu and Nginx server for deploying my site.
I use two way but both didn't work for me. Here are the codes. Please help me. I'm noob in django.
1st Method, Which I use is described below.
Views.py
class SustainedAnon(AnonRateThrottle):
rate = '100/day'
class BurstAnon(AnonRateThrottle):
rate = '10/minute'
class SustainedUser(UserRateThrottle):
rate = '100/day'
class BurstUser(UserRateThrottle):
rate = '10/min'
class ProductApi(generics.RetrieveAPIView, mixins.CreateModelMixin):
lookup_field= 'puid'
serializer_class = ProductApisSerializers
"""
Provides a get method handler.
"""
# permission_classes = (IsAuthenticated,)
throttle_classes = (SustainedAnon,SustainedUser,BurstAnon,BurstUser)
def get_queryset(self):
return ProductApis.objects.all()
def post(self, request,*args,**kwargs):
return self.create(request, *args, **kwargs)
URLS.PY
from django.contrib import admin
from django.urls import path, include
from . import views
from rest_framework.urlpatterns import format_suffix_patterns
urlpatterns = [
path('',views.index, name='index'),
path('api/<slug:puid>/',views.ProductApi.as_view()),
]
2nd Method- DRF
Views.py
class ProductApi(generics.RetrieveAPIView, mixins.CreateModelMixin):
lookup_field= 'puid'
serializer_class = ProductApisSerializers
"""
Provides a get method handler.
"""
# permission_classes = (IsAuthenticated,)
throttle_classes = [UserRateThrottle,AnonRateThrottle]
def get_queryset(self):
return ProductApis.objects.all()
def post(self, request,*args,**kwargs):
return self.create(request, *args, **kwargs)
settings.py
REST_FRAMEWORK = {
'DEFAULT_THROTTLE_CLASSES': [
'rest_framework.throttling.AnonRateThrottle',
'rest_framework.throttling.UserRateThrottle'
],
'DEFAULT_THROTTLE_RATES': {
'anon': '20/minute',
'user': '10/minute',
}
}
Also, in first method I didn't makes any changes in settings.py file while to use 2nd method I add an additional code of DRF for controlling throttling.
Both methods do not work for me.
Using LocMemCache in production will lead to random results.
Chances are you are using more than one process which means each will have each own isolated cache.
Whatever will be cached in one process will not be available to the others.
Using a single process like you do with the runserver make the cache consistent.
TL;DR, don't use LocMemCache in production. Use Redis, Memcache or another shared cache instead.
Related
In the docs there is the example of methods with custom url:
http://www.django-rest-framework.org/tutorial/6-viewsets-and-routers
class SnippetViewSet(viewsets.ModelViewSet):
...
#link(renderer_classes=[renderers.StaticHTMLRenderer])
def highlight(self, request, *args, **kwargs):
snippet = self.get_object()
return Response(snippet.highlighted)
This example add following route:
url(r'^snippets/(?P<pk>[0-9]+)/highlight/$', snippet_highlight, name='snippet-highlight'),
It is possible to add an url without pk param, like this?
r'^snippets/highlight/$'
The ViewSets docs mention using action decorator:
from rest_framework.decorators import action
class SnippetViewSet(viewsets.ModelViewSet):
...
#action(detail=False, methods=['GET'], name='Get Highlight')
def highlight(self, request, *args, **kwargs):
queryset = models.Highlight.objects.all()
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
Then just update your queryset to do whatever it needs to do.
The advantage of doing it this way is that your serialisation is preserved.
If your urls.py looks like this:
from django.contrib import admin
from django.urls import path, include
from rest_framework import routers
from snippets import viewsets
router = routers.DefaultRouter()
router.register('snippets', viewsets.SnippetViewSet)
urlpatterns = [
path('admin/', admin.site.urls),
path('snippets/', include(router.urls)),
]
Then it is reachable via http://localhost:8000/snippets/highlights
To see usage for a POST, or how to change routing, see docs for routers.
Yes, you can do that. Just add your method in the viewset with the list_route decorator.
from rest_framework.decorators import list_route
class SnippetViewSet(viewsets.ModelViewSet):
...
#list_route(renderer_classes=[renderers.StaticHTMLRenderer])
def highlight(self, request, *args, **kwargs):
...
It will add a url without the pk param like :
r'^snippets/highlight/$'
You can even specify the methods it supports using the methods argument in your decorator.
http://www.django-rest-framework.org/api-guide/routers/#usage
Since this question still turns up on first Google Page, here is up-to-date (for the late march of 2020) snippet (pun intended) to start working on your custom ModelViewSet route for single object:
from rest_framework.decorators import action
class SnippetViewSet(viewsets.ModelViewSet):
...
#action(detail=True, methods=['POST'], name='Attach meta items ids')
def custom_action(self, request, pk=None):
"""Does something on single item."""
queryset = Snippet.objects.get(pk=pk)
serializer = self.get_serializer(queryset, many=False)
return Response(serializer.data)
Having default routers from the DRF tutorial will allow you to access this route with: http://localhost:8000/snippets/<int:pk>/custom_action/
I got a DjangoREST APIView that supports Read and Create operations. Something like this:
class FirebaseUser(APIView):
...
get(request):
...
post(request):
...
urls.py:
...
path('user/', views.FirebaseUser.as_view()),
...
I need an API that would accept a read request with user id as url param
GET .../api/user/<userId>
But for create operation there's no user ID yet and I need something like this
POST .../api/user/
What is the best way to make my APIView treat url params differently depending on method?
You can define a ModelViewSet like this in your views.py:
from rest_framework import viewsets
class FirebaseUserViewSet(viewsets.ModelViewSet):
queryset = FirebaseUser.objects.all() # or whatever should your queryset be
serializer_class = FirebaseUserSerializer
Then, in your urls.py you register the viewset:
from django.urls import path
from rest_framework import routers
router = routers.DefaultRouter()
router.register(r'user', FirebaseUserViewSet)
urlpatterns = [
path('', include(router.urls)),
]
This will create a few new API endpoints and you'll be able to do all the CRUD operations.
I suggest reading a bit more about ModelViewSets in the official docs.
Also, if you require only certain operations, for example only read and create you may consider extending only certain mixins from rest_framework.mixins (read more here).
So, I came up with using ViewSet instead of APIView.
This is how it looks now:
urls.py
path('user/', views.FirebaseUser.as_view({'post': 'create'})),
path('user/<str:pk>', views.FirebaseUser.as_view({'patch': 'update', 'delete': 'destroy'})),
views.py
class FirebaseUser(ViewSet):
authentication_classes = [...]
permission_classes = [...]
#staticmethod
def create(request):
...
#staticmethod
def update(request: Request, pk=None):
uid = pk
...
#staticmethod
def destroy(request: Request, pk=None):
uid = pk
...
I am trying to understand Django RESTFramework. I am already familiar with Django. I want to create an endpoint that accepts some text data and processes it and returns it to the user along with the results of the processing (in text). I have completed a couple of tutorials on the topic but I still don't understand how it works. Here is an example from a working tutorial project. How can I edit it to achieve my goal? It all looks automagical.
# views.py
from rest_framework import generics
from .models import Snippet
from .serializers import SnippetSerializer
class SnippetList(generics.ListCreateAPIView):
queryset = Snippet.objects.all()
serializer_class = SnippetSerializer
class SnippetDetail(generics.RetrieveUpdateDestroyAPIView):
# Here I would like to accept form data and process it before returning it along with the
# results of the processing.
queryset = Snippet.objects.all()
serializer_class = SnippetSerializer
Okay, I think you are a newbie in Django rest and try to understand its flow so I can explain it with an example of a subscription plan.
First, create a model in models.py file
from django.db import models
class SubscriptionPlan(models.Model):
plan_name = models.CharField(max_length=255)
monthly_price = models.IntegerField()
yearly_price = models.IntegerField()
Then create views in a view.py file like
from rest_framework.views import APIView
class SubscriptionCreateAPIView(APIView):
serializer_class = SubscriptionSerializer
def post(self, request):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
serializer.save()
return Response(
{'message': 'Subscription plan created successfully.',
'data': serializer.data},
status=status.HTTP_201_CREATED
)
and then define a serializer for validation and fields in which we can verify which fields will be included in the request and response object.
serializers.py
from rest_framework import serializers
from .models import SubscriptionPlan
class SubscriptionSerializer(serializers.ModelSerializer):
plan_name = serializers.CharField(max_length=255)
monthly_price = serializers.IntegerField(required=True)
yearly_price = serializers.IntegerField(required=True)
class Meta:
model = SubscriptionPlan
fields = (
'plan_name', 'monthly_price', 'yearly_price',
)
def create(self, validated_data):
return SubscriptionPlan.objects.create(**validated_data)
Now add urls in src/subsciption_module/urls.py
from django.urls import path
from .views import SubscriptionCreateAPIView
app_name = 'subscription_plan'
urlpatterns = [
path('subscription_plan/', SubscriptionCreateAPIView.as_view()),
]
At the end include module url in root urls.py file where your main urls will be located. It will be the same directory which contains settings.py and wsgi.py files.
src/urls.py
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('admin/', admin.site.urls),
path('api/v1/', include('src.subscription_plan.urls', namespace='subscription_plan')),
]
That's it. This is how flow works in django rest and you can process data and display data in this way. For more details you can refer django rest docs.
But this is not in any way different from what you do with plain Django. Your SnippetDetail view is just a class-based view, and like any class-based view if you want to do anything specific you override the relevant method. In your case, you probably want to override update() to do your custom logic when receiving a PUT request to update data.
I'm creating a rest api that's going to be consumed by desktop based clients.
I want my urls to be like this with a view class named ProjectView:
api.myapp.com/project/ -> uses ProjectView get
api.myapp.com/project/create/ -> uses ProjectView post
api.myapp.com/project/edit/ -> uses ProjectView put
I couldn't manage to bind a single view class to multiple urls without exposing all other actions(get, post, put) to that url. Instead I created ProjectView, ProjectViewCreate, ProjectViewEdit classes which seems pretty pointless.
Is there anyway I can accomplish the url configuration that I outlined with a single view class?
Hmmm...perhaps a solution such as this may be sufficient (modify for your project models as required):
from rest_framework import viewsets
class ProjectViewSet(viewsets.ViewSet):
"""
A simple ViewSet for listing or retrieving, creating and updating projects.
"""
def list(self, request):
....
def create(self, request, pk=None):
....
def update(self, request, pk=None):
....
Then in urls.py:
from myapp.views import ProjectViewSet
from rest_framework.routers import DefaultRouter
router = DefaultRouter()
router.register(r'project', UserViewSet.as_view({'get': 'list'}), base_name='projects')
router.register(r'project/create', UserViewSet.as_view({'post': 'create'}), base_name='project_create')
router.register(r'project/edit', UserViewSet.as_view({'put': 'update'}), base_name='project_update')
urlpatterns = router.urls
Hopefully, with a little modification for your code and url structure - this will work!
Define views as,
from rest_framework.views import APIView
from rest_framework.response import Response
class ProjectView(APIView):
def get(self, request, *args, **kwargs):
# your code GET method code
return Response("This is GET method")
def post(self, request, *args, **kwargs):
# your code POST method code
return Response("This is POST method")
def put(self, request, *args, **kwargs):
# your code PUT method code
return Response("This is PUT method")
and change your urls.py as,
urlpatterns = [
url(r'project/', ProjectView.as_view(), name='project_list'),
url(r'project/create/', ProjectView.as_view(), name='project_create'),
url(r'project/edit/', ProjectView.as_view(), name='project_edit')
]
environment: django==1.11.11, rest_framework
Having methods with the same name handle different routes in the same view class or view set, using the decorator ?
example:
class Indexs(APIView):
#decorator("detailed/")
def get(self, request):
pass
#decorator("list/")
def get(self, request):
pass
# supplemental
I want to handle two GET requests in the same view class. One GET request details, the other request list content, but the same name request is overwritten
urls.py
from django.conf.urls import url
from indexs import views
urlpatterns = [
# url(r'category/$', views.Indexs.as_view()),
url(r'list/$', views.Indexs.as_view()),
url(r'detailed/$', views.Indexs.as_view()),
]
views.py
class Indexs(APIView):
def get(self, request):
return Response({"list": "list"})
def get(self, request):
return Response({"detailed": "detailed"})
http://127.0.0.1/list and http://127.0.0.1/detailed
Return results are all
{
"detailed": "detailed"
}
but i want
http://127.0.0.1/list Return results
{
"list": "list"
}
http://127.0.0.1/detailed
{
"detailed": "detailed"
}
Learn more about implementing class based views in django rest framewrok documentation it's pretty much straight forward. Django Rest Framework makes it easy to write DRY code with built in Generic views.
For example,an in built generic view like ListCreateAPIView below will perform GET and POST Http methods.
You can get a list of snippets and snippet detail from your urls:
urls.py
urlpatterns = [
url(r'^snippets/$', views.SnippetList.as_view()),
url(r'^snippets/(?P<pk>[0-9]+)/$', views.SnippetDetail.as_view()),
]
views.py
class SnippetAPIView(generics.ListCreateAPIView):
queryset = Snippet.objects.all()
serializer_class = SnippetSerializer