Django API creation with signed requests utilizing forms for validation.

Last update: Apr 04, 2022

Related tags

Django django-formapi

Overview

django-formapi

Create JSON API:s with HMAC authentication and Django form-validation.

https://coveralls.io/repos/github/5monkeys/django-formapi/badge.svg?branch=master

Version compatibility

See Travis-CI page for actual test results: https://travis-ci.org/5monkeys/django-formapi

Django	Python 2.6	2.7	3.3	3.4	3.5	3.6
1.3	Yes	Yes
1.4	Yes	Yes
1.5	Yes	Yes	Yes
1.6	Yes	Yes	Yes
1.7		Yes	Yes	Yes
1.8		Yes	Yes	Yes	Yes	Yes
1.9		Yes		Yes	Yes	Yes
1.10		Yes		Yes	Yes	Yes

Installation

Install django-formapi in your python environment

$ pip install django-formapi

Add formapi to your INSTALLED_APPS setting.

INSTALLED_APPS = (
    ...
    'formapi',
)

Add formapi.urls to your urls.py.

urlpatterns = patterns('',
    ...
    url(r'^api/', include('formapi.urls')),
)

Usage

Go ahead and create a calls.py.

class DivisionCall(calls.APICall):
    """
    Returns the quotient of two integers
    """
    dividend = forms.FloatField()
    divisor = forms.FloatField()

    def action(self, test):
        dividend = self.cleaned_data.get('dividend')
        divisor = self.cleaned_data.get('divisor')
        return dividend / divisor

API.register(DivisionCall, 'math', 'divide', version='v1.0.0')

Just create a class like your regular Django Forms but inheriting from APICall. Define the fields that your API-call should receive. The action method is called when your fields have been validated and what is returned will be JSON-encoded as a response to the API-caller. The API.register call takes your APICall-class as first argument, the second argument is the namespace the API-call should reside in, the third argument is the name of your call and the fourth the version. This will result in an url in the form of api/[version]/[namespace]/[call_name]/ so we would get /api/v1.0.0/math/divide/.

A valid call with the parameters {'dividend': 5, 'divisor': 2} would result in this response:

{"errors": {}, "data": 5, "success": true}

An invalid call with the parameters {'dividend': "five", 'divisor': 2} would result in this response:

{"errors": {"dividend": ["Enter a number."]}, "data": false, "success": false}

Authentication

By default APICalls have HMAC-authentication turned on. Disable it by setting signed_requests = False on your APICall.

If not disabled users of the API will have to sign their calls. To do this they need a secret generate, create a APIKey through the django admin interface. On save a personal secret and key will be generated for the API-user.

To build a call signature for the DivisonCall create a querystring of the calls parameters sorted by the keys dividend=5&divisor=2. Create a HMAC using SHA1 hash function. Example in python:

import hmac
from hashlib import sha1
hmac_sign = hmac.new(secret, urllib2.quote('dividend=5&divisor=2'), sha1).hexdigest()

A signed request against DivisionCall would have the parameters {'dividend': 5, 'divisor': 2, 'key': generated_key, 'sign': hmac_sign}

Documentation

Visit /api/discover for a brief documentation of the registered API-calls.

Comments

Support Python 3.4-3.6 and Django 1.7-1.10

Based on #16

| Django | Python 2.6 | 2.7 | 3.3 | 3.4 | 3.5 | 3.6 | | :-: | --: | --- | --- | --- | --- | --- | | 1.3 | ✅ | ✅ | | | | | | 1.4 | ✅ | ✅ | | | | | | 1.5 | ✅ | ✅ | ✅ | | | | | 1.6 | ✅ | ✅ | ✅ | | | | | 1.7 | | ✅ | ✅ | ✅ | | | | 1.8 | | ✅ | ✅ | ✅ | ✅ | ✅ | | 1.9 | | ✅ | | ✅ | ✅ | ✅ | | 1.10 | | ✅ | | ✅ | ✅ | ✅ |

opened by andreif 6
The readme is broken in pypi
The readme is broken in pypi, I think that the problem is that the underlined should have the same length that the text. You should to change this:

Authentication -----

For this

Authentication --------------

The same with Documentation.

Congratulations for this app :-)
opened by goinnn 2
Remove remaining markdown use from api/call.html template

A left-over "load markdown" tag, and use of its restructured-text filter on the docstring description were causing this view to fail since markdown dependency had been eliminated. This patch just prints the "docstring" value unformatted.

opened by reduxionist 1
Run against Django 1.11 + Minor fix

In addition to running against 1.11, this fixes a small issue that affects Django1.9+ where the value of the custom UUIDField does not go through formapi.utils.prepare_uuid_string on retrieval, because Django does not call to_python on assignment after deprecating SubfieldBase. The fix is to also call prepare_uuid_string on from_db_value method of the field. The added test would fail on Django >= 1.9 without overriding from_db_value,

Not sure if it'd make more sense to use Django's own UUIDField with 1.8+ and override methods to call our prepare_uuid_string.

opened by beshrkayali 2
Improved hash space and expressivity

Previously all random data came from Python’s built-in UUID4 encoded in hexadecimal. Hexadecimal encodes 16 values in one byte, that means there is a 4:8 ratio of meaningful bits to each byte of hexadecimal encoding. Instead we use base64 which encodes at a 6:8 ratio. This has the added benefit of looking better.

opened by lericson 3
The model form are supported in the formapi and details
Now the model form are supported in the formapi.

A simple way to pass the request to your form (request_passed)

If you overwrite the get_form_kwargs method you can pass more parameters to your form

And some details: reorder the imports, change API.xxx to cls.xxx or self.xxx, remove the clean method from APICall, etc
opened by goinnn 8

Releases(0.1.0)

0.1.0(Jan 31, 2014)
Add access to APIKey object

repeated url parameters

django <1.5 fixes

Source code(tar.gz)
Source code(zip)

Owner

5 Monkeys

GitHub Repository

django-idom allows Django to integrate with IDOM

django-idom allows Django to integrate with IDOM, a package inspired by ReactJS for creating responsive web interfaces in pure Python.

113 Jan 04, 2023

Dynamic, database-driven Django forms

Django Dataforms django-dataforms is a wrapper for the Django forms API that lets you dynamically define forms in a database, rather than hard-coding

35 Dec 16, 2022

💨 Fast, Async-ready, Openapi, type hints based framework for building APIs

Fast to learn, fast to code, fast to run Django Ninja - Fast Django REST Framework Django Ninja is a web framework for building APIs with Django and P

3.8k Jan 01, 2023

A Blog Management System Built with django

Blog Management System Backend use: Django Features Enhanced Ui

1 Dec 06, 2021

Quick example of a todo list application using Django and HTMX

django-htmx-todo-list Quick example of a todo list application using Django and HTMX Background Modified & expanded from https://github.com/jaredlockh

54 Dec 10, 2022

🌟 A social media made with Django and Python and Bulma. 🎉

Vitary A simple social media made with Django Installation 🛠️ Get the source code 💻 git clone https://github.com/foxy4096/Vitary.git Go the the dir

15 Aug 30, 2022

Radically simplified static file serving for Python web apps

WhiteNoise Radically simplified static file serving for Python web apps With a couple of lines of config WhiteNoise allows your web app to serve its o

2.1k Dec 15, 2022

Mobile Detect is a lightweight Python package for detecting mobile devices (including tablets).

Django Mobile Detector Mobile Detect is a lightweight Python package for detecting mobile devices (including tablets). It uses the User-Agent string c

6 Aug 31, 2022

Show how the redis works with Python (Django).

Redis Leaderboard Python (Django) Show how the redis works with Python (Django). Try it out deploying on Heroku (See notes: How to run on Google Cloud

4 Nov 16, 2021

Simple application TodoList django with ReactJS

Django & React Django We basically follow the Django REST framework quickstart guide here. Create backend folder with a virtual Python environment: mk

2 Aug 07, 2022

Fast / fuzzy PostgreSQL counts for Django

Created by Stephen McDonald Introduction Up until PostgreSQL 9.2, COUNT queries generally required scanning every row in a database table. With millio

85 Oct 25, 2021

The uncompromising Python code formatter

The Uncompromising Code Formatter “Any color you like.” Black is the uncompromising Python code formatter. By using it, you agree to cede control over

30.7k Jan 03, 2023

Store model history and view/revert changes from admin site.

django-simple-history django-simple-history stores Django model state on every create/update/delete. This app supports the following combinations of D

1.8k Jan 08, 2023

Django based webapp pulling in crypto news and price data via api

Deploy Django in Production FTA project implementing containerization of Django Web Framework into Docker to be placed into Azure Container Services a

0 Sep 21, 2022

Simpliest django(uvicorn)+postgresql+nginx docker-compose (ready for production and dev)

simpliest django(uvicorn)+postgresql+nginx docker-compose (ready for production and dev) To run in production: docker-compose up -d Site available on

1 Dec 16, 2021

A fresh approach to autocomplete implementations, specially for Django. Status: v3 stable, 2.x.x stable, 1.x.x deprecated. Please DO regularely ping us with your link at #yourlabs IRC channel

Features Python 2.7, 3.4, Django 2.0+ support (Django 1.11 (LTS), is supported until django-autocomplete-light-3.2.10), Django (multiple) choice suppo

1.7k Jan 01, 2023