Giter Site home page Giter Site logo

dj-test's Introduction

Django API Views (Custom + REST)

Home Page

Main Task: create a django application, with an endpoint (view) that accepts input parameters, validates them and returns the correct response.

Input parameters

email parameter must be a valid email, length no more than 100 characters. It should be checked for all forbidden characters, combinations of characters, etc. Mail in the gmail.com and icloud.com domains should not be accepted.

password parameter - the password must consist of alphanumeric characters, underscore, starts with an capital letter. Length from 7 to 16 characters.

first_name - only letters and dashes.

last_name - only letters, dash and space.

📝  Requirements

  • Django == 3.2.6
  • Python == 3.8.6
  • django-crispy-forms == 1.12.0
  • django-extensions == 3.1.3
  • djangorestframework == 3.12.4
  • dnspython == 2.1.0
  • PyJWT == 1.7.1
  • python-decouple == 3.4

📷 Part 1 (with screenshots)

This part includes the implementation of the main task and a separate endpoint that will display request records filtered by the current IP address (where the request came from).

The implementation of this part is in folder api/ and accordingly on url ../api/v1/get/ and ../api/v1/post/.

../api/v1/post/ - contains the implementation of the main task.

../api/v1/get/- display request records filtered by the current IP address.

Parameters Validation Valid Parameters Email must be Unique
Request Records Parameters Validation (Postman) Request Records (Postman)

📷 Part 2 (with screenshots)

This part expands our task by including what was covered in the previous paragraph via RESTful implementation.

The implementation of this part is in folder rest/.

POST request - implementation of the main task.

GET request - display request records filtered by the current IP address.

Parameters Validation Valid Parameters Email must be Unique
Request Records Valid Parameters (Postman) Request Records (Postman)

📷 Part 3 (with screenshots)

The hardest part. Users appear in the application at the system level. Now, instead of requests, we will store users. The user himself must register through a separate endpoint (/register/), where the sent parameters will be checked. After registration, the user goes to the authorization endpoint (/login/) and a token is returned to him (JWT). Further, all requests are authorized through the user's token.

The implementation of this part is in folder authentication/.

  • authentication/register/ - allows you to register.

  • authentication/login/ - allows you to log in.

  • authentication/user-info/ - contains information about the logged in user.

Registration of New Users - the main logic is implemented in the RegistrationSerializer class and in RegistrationAPIView.

User Login - LoginSerializer class and LoginAPIView.

Retrieving and Updating User Data - UserSerializer and UserRetrieveUpdateAPIView.

authentication/backends.py - custom backend to support JWT .

Registration (Validation) Successful Registration Login (Validation) Login (Wrong Password)
Successful Login GET User Info (without token) GET User Info (Success) Change User Email

Main Logic

The key idea is to create our own User model instead of the Django model and write our own views to support returning JSON instead of HTML.

With token-based authentication, the server provides the client with a token after a successful login/register request. Token is generated as a simple object (dict) with two fields: id and exp, this object is encrypted using the server's SECRET_KEY and given to the client for further use.

The client is expected to send a token with future requests (instead of session cookies), so that the server can identify the user. We take the token from the http request, then decode the user_id from it and check if there is such a user_id in the database, and if there is such a user and is active, then the request is authorized.

💡  Additional Info

JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between two parties.

Using JWT is a good option because it is an open standard. This means that all JWT implementations should be fairly similar, which is an advantage when working with different languages and technologies. JWTs also contain information about the user, which is convenient for the client side.

📫  Get in touch

dj-test's People

Contributors

jackshendrikov avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.