Django API creation with signed requests utilizing forms for validation.

Related tags

Djangodjango-formapi
Overview

django-formapi

Create JSON API:s with HMAC authentication and Django form-validation.

https://travis-ci.org/5monkeys/django-formapi.svg?branch=master https://coveralls.io/repos/github/5monkeys/django-formapi/badge.svg?branch=master

Version compatibility

See Travis-CI page for actual test results: https://travis-ci.org/5monkeys/django-formapi

Django Python 2.6 2.7 3.3 3.4 3.5 3.6
1.3 Yes Yes        
1.4 Yes Yes        
1.5 Yes Yes Yes      
1.6 Yes Yes Yes      
1.7   Yes Yes Yes    
1.8   Yes Yes Yes Yes Yes
1.9   Yes   Yes Yes Yes
1.10   Yes   Yes Yes Yes

Installation

Install django-formapi in your python environment

$ pip install django-formapi

Add formapi to your INSTALLED_APPS setting.

INSTALLED_APPS = (
    ...
    'formapi',
)

Add formapi.urls to your urls.py.

urlpatterns = patterns('',
    ...
    url(r'^api/', include('formapi.urls')),
)

Usage

Go ahead and create a calls.py.

class DivisionCall(calls.APICall):
    """
    Returns the quotient of two integers
    """
    dividend = forms.FloatField()
    divisor = forms.FloatField()

    def action(self, test):
        dividend = self.cleaned_data.get('dividend')
        divisor = self.cleaned_data.get('divisor')
        return dividend / divisor

API.register(DivisionCall, 'math', 'divide', version='v1.0.0')

Just create a class like your regular Django Forms but inheriting from APICall. Define the fields that your API-call should receive. The action method is called when your fields have been validated and what is returned will be JSON-encoded as a response to the API-caller. The API.register call takes your APICall-class as first argument, the second argument is the namespace the API-call should reside in, the third argument is the name of your call and the fourth the version. This will result in an url in the form of api/[version]/[namespace]/[call_name]/ so we would get /api/v1.0.0/math/divide/.

A valid call with the parameters {'dividend': 5, 'divisor': 2} would result in this response:

{"errors": {}, "data": 5, "success": true}

An invalid call with the parameters {'dividend': "five", 'divisor': 2} would result in this response:

{"errors": {"dividend": ["Enter a number."]}, "data": false, "success": false}

Authentication

By default APICalls have HMAC-authentication turned on. Disable it by setting signed_requests = False on your APICall.

If not disabled users of the API will have to sign their calls. To do this they need a secret generate, create a APIKey through the django admin interface. On save a personal secret and key will be generated for the API-user.

To build a call signature for the DivisonCall create a querystring of the calls parameters sorted by the keys dividend=5&divisor=2. Create a HMAC using SHA1 hash function. Example in python:

import hmac
from hashlib import sha1
hmac_sign = hmac.new(secret, urllib2.quote('dividend=5&divisor=2'), sha1).hexdigest()

A signed request against DivisionCall would have the parameters {'dividend': 5, 'divisor': 2, 'key': generated_key, 'sign': hmac_sign}

Documentation

Visit /api/discover for a brief documentation of the registered API-calls.

Comments
  • Support Python 3.4-3.6 and Django 1.7-1.10

    Support Python 3.4-3.6 and Django 1.7-1.10

    Based on #16

    Build Status

    | Django | Python 2.6 | 2.7 | 3.3 | 3.4 | 3.5 | 3.6 | | :-: | --: | --- | --- | --- | --- | --- | | 1.3 | ✅ | ✅ | | | | | | 1.4 | ✅ | ✅ | | | | | | 1.5 | ✅ | ✅ | ✅ | | | | | 1.6 | ✅ | ✅ | ✅ | | | | | 1.7 | | ✅ | ✅ | ✅ | | | | 1.8 | | ✅ | ✅ | ✅ | ✅ | ✅ | | 1.9 | | ✅ | | ✅ | ✅ | ✅ | | 1.10 | | ✅ | | ✅ | ✅ | ✅ |

    opened by andreif 6
  • The readme is broken in pypi

    The readme is broken in pypi

    The readme is broken in pypi, I think that the problem is that the underlined should have the same length that the text. You should to change this:

    Authentication
    -----
    

    For this

    Authentication
    --------------
    

    The same with Documentation.

    Congratulations for this app :-)

    opened by goinnn 2
  • Remove remaining markdown use from api/call.html template

    Remove remaining markdown use from api/call.html template

    A left-over "load markdown" tag, and use of its restructured-text filter on the docstring description were causing this view to fail since markdown dependency had been eliminated. This patch just prints the "docstring" value unformatted.

    opened by reduxionist 1
  • Run against Django 1.11 + Minor fix

    Run against Django 1.11 + Minor fix

    In addition to running against 1.11, this fixes a small issue that affects Django1.9+ where the value of the custom UUIDField does not go through formapi.utils.prepare_uuid_string on retrieval, because Django does not call to_python on assignment after deprecating SubfieldBase. The fix is to also call prepare_uuid_string on from_db_value method of the field. The added test would fail on Django >= 1.9 without overriding from_db_value,

    Not sure if it'd make more sense to use Django's own UUIDField with 1.8+ and override methods to call our prepare_uuid_string.

    opened by beshrkayali 2
  • Improved hash space and expressivity

    Improved hash space and expressivity

    Previously all random data came from Python’s built-in UUID4 encoded in hexadecimal. Hexadecimal encodes 16 values in one byte, that means there is a 4:8 ratio of meaningful bits to each byte of hexadecimal encoding. Instead we use base64 which encodes at a 6:8 ratio. This has the added benefit of looking better.

    opened by lericson 3
  • The model form are supported in the formapi and details

    The model form are supported in the formapi and details

    1. Now the model form are supported in the formapi.
    2. A simple way to pass the request to your form (request_passed)
    3. If you overwrite the get_form_kwargs method you can pass more parameters to your form
    4. And some details: reorder the imports, change API.xxx to cls.xxx or self.xxx, remove the clean method from APICall, etc
    opened by goinnn 8
Releases(0.1.0)
Owner
5 Monkeys
5 Monkeys
Simple tagging for django

django-taggit This is a Jazzband project. By contributing you agree to abide by the Contributor Code of Conduct and follow the guidelines. django-tagg

Jazzband 3k Jan 02, 2023
Yet another Django audit log app, hopefully the simplest one.

django-easy-audit Yet another Django audit log app, hopefully the easiest one. This app allows you to keep track of every action taken by your users.

Natán 510 Jan 02, 2023
A multiprocessing distributed task queue for Django

A multiprocessing distributed task queue for Django Features Multiprocessing worker pool Asynchronous tasks Scheduled, cron and repeated tasks Signed

Ilan Steemers 1.7k Jan 03, 2023
A reusable Django app that configures your project for deployment

django-simple-deploy This app gives you a management command that configures your project for an initial deployment. It targets Heroku at the moment,

Eric Matthes 205 Dec 26, 2022
Streamlining Django forms to provide all the wins of single-page-applications without the pain.

nango Streamlining Django forms to provide all the wins of single-page-applications without the pain. Key features Available to all Django deployments

Nick Farrell 107 Dec 12, 2022
A simple REST API to manage postal addresses, written in Python/Django.

A simple REST API to manage postal addresses, written in Python/Django.

Attila Bagossy 2 Feb 14, 2022
English dictionary using Django based on freecodecamp

English Dictionary Hi there, i made this english dictionary using Django based on freecodecamp.org tutorial :) Table of Contents Preview Technologies

Aline Alencar 3 May 09, 2022
Bootstrap 3 integration with Django.

django-bootstrap3 Bootstrap 3 integration for Django. Goal The goal of this project is to seamlessly blend Django and Bootstrap 3. Want to use Bootstr

Zostera B.V. 2.3k Jan 03, 2023
A package to handle images in django

Django Image Tools Django Image Tools is a small app that will allow you to manage your project's images without worrying much about image sizes, how

The Bonsai Studio 42 Jun 02, 2022
A Django app for working with BTCPayServer

btcpay-django A Django app for working with BTCPayServer Installation pip install btcpay-django Developers Release To cut a release, run bumpversion,

Crawford 3 Nov 20, 2022
Django-static-site - A simple content site framework that harnesses the power of Django without the hassle

coltrane A simple content site framework that harnesses the power of Django with

Adam Hill 57 Dec 06, 2022
Django-shared-app-isolated-databases-example - Django - Shared App & Isolated Databases

Django - Shared App & Isolated Databases An app that demonstrates the implementa

Ajai Danial 5 Jun 27, 2022
A CBV to handle multiple forms in one view

django-shapeshifter A common problem in Django is how to have a view, especially a class-based view that can display and process multiple forms at onc

Kenneth Love 167 Nov 26, 2022
Django API creation with signed requests utilizing forms for validation.

django-formapi Create JSON API:s with HMAC authentication and Django form-validation. Version compatibility See Travis-CI page for actual test results

5 Monkeys 34 Apr 04, 2022
Djangoblog - A blogging platform built on Django and Python.

djangoblog 👨‍💻 A blogging platform built on Django and Python

Lewis Gentle 1 Jan 10, 2022
Django + Next.js integration

Django Next.js Django + Next.js integration From a comment on StackOverflow: Run 2 ports on the same server. One for django (public facing) and one fo

Quera 162 Jan 03, 2023
A reusable Django model field for storing ad-hoc JSON data

jsonfield jsonfield is a reusable model field that allows you to store validated JSON, automatically handling serialization to and from the database.

Ryan P Kilby 1.1k Jan 03, 2023
I managed to attach the Django Framework to my Telegram Bot and set a webhook

I managed to attach the Django Framework to my Telegram Bot and set a webhook. I've been developing it from 10th of November 2021 and I want to have a basic working prototype.

Valentyn Vovchak 2 Sep 08, 2022
Automatically deletes old file for FileField and ImageField. It also deletes files on models instance deletion.

Django Cleanup Features The django-cleanup app automatically deletes files for FileField, ImageField and subclasses. When a FileField's value is chang

Ilya Shalyapin 838 Dec 30, 2022
Automatically upgrade your Django projects.

django-upgrade Automatically upgrade your Django projects. Installation Use pip: python -m pip install django-upgrade Python 3.8 to 3.10 supported. Or

Adam Johnson 525 Dec 29, 2022