Django API creation with signed requests utilizing forms for validation.

Related tags

Django django-formapi
Overview

django-formapi

Create JSON API:s with HMAC authentication and Django form-validation.

https://travis-ci.org/5monkeys/django-formapi.svg?branch=master https://coveralls.io/repos/github/5monkeys/django-formapi/badge.svg?branch=master

Version compatibility

See Travis-CI page for actual test results: https://travis-ci.org/5monkeys/django-formapi

Django Python 2.6 2.7 3.3 3.4 3.5 3.6
1.3 Yes Yes        
1.4 Yes Yes        
1.5 Yes Yes Yes      
1.6 Yes Yes Yes      
1.7   Yes Yes Yes    
1.8   Yes Yes Yes Yes Yes
1.9   Yes   Yes Yes Yes
1.10   Yes   Yes Yes Yes

Installation

Install django-formapi in your python environment

$ pip install django-formapi

Add formapi to your INSTALLED_APPS setting.

INSTALLED_APPS = (
    ...
    'formapi',
)

Add formapi.urls to your urls.py.

urlpatterns = patterns('',
    ...
    url(r'^api/', include('formapi.urls')),
)

Usage

Go ahead and create a calls.py.

class DivisionCall(calls.APICall):
    """
    Returns the quotient of two integers
    """
    dividend = forms.FloatField()
    divisor = forms.FloatField()

    def action(self, test):
        dividend = self.cleaned_data.get('dividend')
        divisor = self.cleaned_data.get('divisor')
        return dividend / divisor

API.register(DivisionCall, 'math', 'divide', version='v1.0.0')

Just create a class like your regular Django Forms but inheriting from APICall. Define the fields that your API-call should receive. The action method is called when your fields have been validated and what is returned will be JSON-encoded as a response to the API-caller. The API.register call takes your APICall-class as first argument, the second argument is the namespace the API-call should reside in, the third argument is the name of your call and the fourth the version. This will result in an url in the form of api/[version]/[namespace]/[call_name]/ so we would get /api/v1.0.0/math/divide/.

A valid call with the parameters {'dividend': 5, 'divisor': 2} would result in this response:

{"errors": {}, "data": 5, "success": true}

An invalid call with the parameters {'dividend': "five", 'divisor': 2} would result in this response:

{"errors": {"dividend": ["Enter a number."]}, "data": false, "success": false}

Authentication

By default APICalls have HMAC-authentication turned on. Disable it by setting signed_requests = False on your APICall.

If not disabled users of the API will have to sign their calls. To do this they need a secret generate, create a APIKey through the django admin interface. On save a personal secret and key will be generated for the API-user.

To build a call signature for the DivisonCall create a querystring of the calls parameters sorted by the keys dividend=5&divisor=2. Create a HMAC using SHA1 hash function. Example in python:

import hmac
from hashlib import sha1
hmac_sign = hmac.new(secret, urllib2.quote('dividend=5&divisor=2'), sha1).hexdigest()

A signed request against DivisionCall would have the parameters {'dividend': 5, 'divisor': 2, 'key': generated_key, 'sign': hmac_sign}

Documentation

Visit /api/discover for a brief documentation of the registered API-calls.

Comments
  • Support Python 3.4-3.6 and Django 1.7-1.10

    Support Python 3.4-3.6 and Django 1.7-1.10

    Based on #16

    Build Status

    | Django | Python 2.6 | 2.7 | 3.3 | 3.4 | 3.5 | 3.6 | | :-: | --: | --- | --- | --- | --- | --- | | 1.3 | ✅ | ✅ | | | | | | 1.4 | ✅ | ✅ | | | | | | 1.5 | ✅ | ✅ | ✅ | | | | | 1.6 | ✅ | ✅ | ✅ | | | | | 1.7 | | ✅ | ✅ | ✅ | | | | 1.8 | | ✅ | ✅ | ✅ | ✅ | ✅ | | 1.9 | | ✅ | | ✅ | ✅ | ✅ | | 1.10 | | ✅ | | ✅ | ✅ | ✅ |

    opened by andreif 6
  • The readme is broken in pypi

    The readme is broken in pypi

    The readme is broken in pypi, I think that the problem is that the underlined should have the same length that the text. You should to change this:

    Authentication
-----

    For this

    Authentication
--------------

    The same with Documentation.

    Congratulations for this app :-)

    opened by goinnn 2
  • Remove remaining markdown use from api/call.html template

    Remove remaining markdown use from api/call.html template

    A left-over "load markdown" tag, and use of its restructured-text filter on the docstring description were causing this view to fail since markdown dependency had been eliminated. This patch just prints the "docstring" value unformatted.

    opened by reduxionist 1
  • Run against Django 1.11 + Minor fix

    Run against Django 1.11 + Minor fix

    In addition to running against 1.11, this fixes a small issue that affects Django1.9+ where the value of the custom UUIDField does not go through formapi.utils.prepare_uuid_string on retrieval, because Django does not call to_python on assignment after deprecating SubfieldBase. The fix is to also call prepare_uuid_string on from_db_value method of the field. The added test would fail on Django >= 1.9 without overriding from_db_value,

    Not sure if it'd make more sense to use Django's own UUIDField with 1.8+ and override methods to call our prepare_uuid_string.

    opened by beshrkayali 2
  • Improved hash space and expressivity

    Improved hash space and expressivity

    Previously all random data came from Python’s built-in UUID4 encoded in hexadecimal. Hexadecimal encodes 16 values in one byte, that means there is a 4:8 ratio of meaningful bits to each byte of hexadecimal encoding. Instead we use base64 which encodes at a 6:8 ratio. This has the added benefit of looking better.

    opened by lericson 3
  • The model form are supported in the formapi and details

    The model form are supported in the formapi and details

    1. Now the model form are supported in the formapi.
    2. A simple way to pass the request to your form (request_passed)
    3. If you overwrite the get_form_kwargs method you can pass more parameters to your form
    4. And some details: reorder the imports, change API.xxx to cls.xxx or self.xxx, remove the clean method from APICall, etc
    opened by goinnn 8
Releases(0.1.0)
Owner
5 Monkeys
5 Monkeys
GitHub
Money fields for Django forms and models.

django-money A little Django app that uses py-moneyed to add support for Money fields in your models and forms. Django versions supported: 1.11, 2.1,

null 1.4k Jan 6, 2023
A Django application that provides country choices for use with forms, flag icons static files, and a country field for models.

Django Countries A Django application that provides country choices for use with forms, flag icons static files, and a country field for models. Insta

Chris Beaven 1.2k Jan 7, 2023
A set of high-level abstractions for Django forms

django-formtools Django's "formtools" is a set of high-level abstractions for Django forms. Currently for form previews and multi-step forms. This cod

Jazzband 621 Dec 30, 2022
A Django application that provides country choices for use with forms, flag icons static files, and a country field for models.

Django Countries A Django application that provides country choices for use with forms, flag icons static files, and a country field for models. Insta

Chris Beaven 1.2k Dec 31, 2022
Book search Django web project that uses requests python library and openlibrary API.

Book Search API Developer: Vladimir Vojtenko Book search Django web project that uses requests python library and openlibrary API. #requests #openlibr

null 1 Dec 8, 2021
🏭 An easy-to-use implementation of Creation Methods for Django, backed by Faker.

Django-fakery An easy-to-use implementation of Creation Methods (aka Object Factory) for Django, backed by Faker. django_fakery will try to guess the

Flavio Curella 93 Oct 12, 2022
Log and View requests made on Django

Django Request Viewer Log and view requests made on your Django App Introduction Recently, @ichtrojan and @toniastro released horus, a request logger

Akere Mukhtar 26 May 29, 2022
A prettier way to see Django requests while developing

A prettier way to see Django requests while developing

Adam Hill 35 Dec 2, 2022
☄️ Google Forms autofill script

lazrr 'Destroy Them With Lazers' - Knife Party, 2011 Google Forms autofill script Installation: pip3 install -r requirements.txt Usage: python3 lazrr.

Serezha Rakhmanov 12 Jun 4, 2022
A CBV to handle multiple forms in one view

django-shapeshifter A common problem in Django is how to have a view, especially a class-based view that can display and process multiple forms at onc

Kenneth Love 167 Nov 26, 2022
Django URL Shortener is a Django app to to include URL Shortening feature in your Django Project

Django URL Shortener Django URL Shortener is a Django app to to include URL Shortening feature in your Django Project Install this package to your Dja

Rishav Sinha 4 Nov 18, 2021
Django API without Django REST framework.

Django API without DRF This is a API project made with Django, and without Django REST framework. This project was done with: Python 3.9.8 Django 3.2.

Regis Santos 3 Jan 19, 2022
Django-gmailapi-json-backend - Email backend for Django which sends email via the Gmail API through a JSON credential

django-gmailapi-json-backend Email backend for Django which sends email via the

Innove 1 Sep 9, 2022
A middleware to log the requests and responses using loguru.

Django Loguru The extension was based on another one and added some extra flavours. One of the biggest problems with the apps is the logging and that

Tiago Silva 9 Oct 11, 2022
Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Am.Chris_KE 1 Feb 14, 2022
Meta package to combine turbo-django and stimulus-django

Hotwire + Django This repository aims to help you integrate Hotwire with Django ?? Inspiration might be taken from @hotwired/hotwire-rails. We are sti

Hotwire for Django 31 Aug 9, 2022
django-reversion is an extension to the Django web framework that provides version control for model instances.

django-reversion django-reversion is an extension to the Django web framework that provides version control for model instances. Requirements Python 3

Dave Hall 2.8k Jan 2, 2023
Django-environ allows you to utilize 12factor inspired environment variables to configure your Django application.

Django-environ django-environ allows you to use Twelve-factor methodology to configure your Django application with environment variables. import envi

Daniele Faraglia 2.7k Jan 7, 2023
Rosetta is a Django application that eases the translation process of your Django projects

Rosetta Rosetta is a Django application that facilitates the translation process of your Django projects. Because it doesn't export any models, Rosett

Marco Bonetti 909 Dec 26, 2022