django_api
lets you specify and validate your Django APIs in a single block of code.
It does this with an @api
decorator that wraps Django views. This keeps the API documentation consistent, localized and declarative.
from django import forms
from django_api.decorators import api
from django_api.json_helpers import JsonResponse
from django_api.json_helpers import JsonResponseForbidden
@api({
'accepts': {
'x': forms.IntegerField(min_value=0),
'y': forms.IntegerField(max_value=10),
},
'returns': {
200: 'Addition successful',
}
})
def add(request, *args, **kwargs):
# `x` and `y` have been validated, and are integers
# so we can safely perform arithmetic operations on them
return JsonResponse({
'sum': request.GET['x'] + request.GET['y']
})
Based on the above example, the following API responses are automatically available (assuming you wire up the /add
route to the view above:
GET /add
"failed to validate: {'y': [u'This field is required.'], 'x': [u'This field is required.']}"
GET /add?x=10
"failed to validate: {'y': [u'This field is required.']}"
GET /add?x=10&y=100
"failed to validate: {'y': [u'Ensure this value is less than or equal to 10.']}"
GET /add?x=10&y=10
{sum: 20}
None
To use django_api
in your Django project it needs to be accessible by your Python installation:
$ pip install django-api
(or simply place the django_api
directory in your $PYTHON_PATH)
Add django_api
to INSTALLED_APPS
in your project's settings.py
.
Example:
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.admin',
'django_api',
)
Specify your API by using the @api
decorator. The @api
decorator takes a dictionary with two keys: accepts
and returns
.
from django_api.decorators import api
@api({
'accepts': {
},
'returns': {
}
})
def add(request, *args, **kwargs):
Describe the query parameters your API accepts by listing them out in the accepts
dictionary. Each entry in the accepts
section maps a name to a Django form field type. Received query parameters are automatically converted to the specified type. If the parameter does not conform to the specification the query fails to validate (see below). Once validated, the variables will be placed in the request
dictionary for use within the view.
'accepts': {
'x': forms.IntegerField(min_value=0),
'y': forms.IntegerField(max_value=10, required=False),
'u': User(),
}
Since each parameter is specified using a Django form field, any argument that its class constructor takes can be used. Examples include
required
initial
max_length
forCharField
min_value
forIntegerField
For a full reference, please see here.
By default, the @api
decorator checks that the returned response is of JSON type.
Specify the valid returned HTTP codes by listing them out in the returns
dictionary. Each entry in the dictionary maps a HTTP response code to a helpful message, explaining the outcome of the action. The helpful message is for documentation purposes only. If the response does not conform to the specification, the query will fail to validate (see below).
'returns': {
200: 'Addition successful',
403: 'User does not have permission',
404: 'Resource not found',
404: 'User not found',
}
If validation fails, a HTTP 400 - Bad request
is returned to the client. For safety, django_api
will perform validation only if settings.DEBUG = True
. This ensures that production code always remains unaffected.
Run the tests with the folllowing command
python manage.py test django_api
@accepts
can be used to also accept your Django models through the object's id
. For a Model Model
, Django expects the query parameter to be name model-id
.
'accepts': {
'x': forms.IntegerField(min_value=0),
'y': forms.IntegerField(max_value=10, required=False),
'u': User(),
}
You can also simply choose to validate either only the parameters the API accepts, or the return values of the API.
Example:
from django import forms
from django_api.decorators import api_accepts
from django_api.json_helpers import JsonResponse
from django_api.json_helpers import JsonResponseForbidden
@api_accepts({
'x': forms.IntegerField(min_value=0),
'y': forms.IntegerField(min_value=0),
})
def add(request, *args, **kwargs):
return JsonResponse({
'sum': request.GET['x'] + request.GET['y']
})
from django import forms
from django_api.decorators import api_returns
from django_api.json_helpers import JsonResponse
from django_api.json_helpers import JsonResponseForbidden
@api_returns({
200: 'Operation successful',
403: 'User does not have permission',
404: 'Resource not found',
404: 'User not found',
})
def add(request, *args, **kwargs):
return JsonResponse({
'sum': request.GET['x'] + request.GET['y']
})