Django API creation with signed requests utilizing forms for validation.

Related tags

Djangodjango-formapi
Overview

django-formapi

Create JSON API:s with HMAC authentication and Django form-validation.

https://travis-ci.org/5monkeys/django-formapi.svg?branch=master https://coveralls.io/repos/github/5monkeys/django-formapi/badge.svg?branch=master

Version compatibility

See Travis-CI page for actual test results: https://travis-ci.org/5monkeys/django-formapi

Django Python 2.6 2.7 3.3 3.4 3.5 3.6
1.3 Yes Yes        
1.4 Yes Yes        
1.5 Yes Yes Yes      
1.6 Yes Yes Yes      
1.7   Yes Yes Yes    
1.8   Yes Yes Yes Yes Yes
1.9   Yes   Yes Yes Yes
1.10   Yes   Yes Yes Yes

Installation

Install django-formapi in your python environment

$ pip install django-formapi

Add formapi to your INSTALLED_APPS setting.

INSTALLED_APPS = (
    ...
    'formapi',
)

Add formapi.urls to your urls.py.

urlpatterns = patterns('',
    ...
    url(r'^api/', include('formapi.urls')),
)

Usage

Go ahead and create a calls.py.

class DivisionCall(calls.APICall):
    """
    Returns the quotient of two integers
    """
    dividend = forms.FloatField()
    divisor = forms.FloatField()

    def action(self, test):
        dividend = self.cleaned_data.get('dividend')
        divisor = self.cleaned_data.get('divisor')
        return dividend / divisor

API.register(DivisionCall, 'math', 'divide', version='v1.0.0')

Just create a class like your regular Django Forms but inheriting from APICall. Define the fields that your API-call should receive. The action method is called when your fields have been validated and what is returned will be JSON-encoded as a response to the API-caller. The API.register call takes your APICall-class as first argument, the second argument is the namespace the API-call should reside in, the third argument is the name of your call and the fourth the version. This will result in an url in the form of api/[version]/[namespace]/[call_name]/ so we would get /api/v1.0.0/math/divide/.

A valid call with the parameters {'dividend': 5, 'divisor': 2} would result in this response:

{"errors": {}, "data": 5, "success": true}

An invalid call with the parameters {'dividend': "five", 'divisor': 2} would result in this response:

{"errors": {"dividend": ["Enter a number."]}, "data": false, "success": false}

Authentication

By default APICalls have HMAC-authentication turned on. Disable it by setting signed_requests = False on your APICall.

If not disabled users of the API will have to sign their calls. To do this they need a secret generate, create a APIKey through the django admin interface. On save a personal secret and key will be generated for the API-user.

To build a call signature for the DivisonCall create a querystring of the calls parameters sorted by the keys dividend=5&divisor=2. Create a HMAC using SHA1 hash function. Example in python:

import hmac
from hashlib import sha1
hmac_sign = hmac.new(secret, urllib2.quote('dividend=5&divisor=2'), sha1).hexdigest()

A signed request against DivisionCall would have the parameters {'dividend': 5, 'divisor': 2, 'key': generated_key, 'sign': hmac_sign}

Documentation

Visit /api/discover for a brief documentation of the registered API-calls.

Comments
  • Support Python 3.4-3.6 and Django 1.7-1.10

    Support Python 3.4-3.6 and Django 1.7-1.10

    Based on #16

    Build Status

    | Django | Python 2.6 | 2.7 | 3.3 | 3.4 | 3.5 | 3.6 | | :-: | --: | --- | --- | --- | --- | --- | | 1.3 | ✅ | ✅ | | | | | | 1.4 | ✅ | ✅ | | | | | | 1.5 | ✅ | ✅ | ✅ | | | | | 1.6 | ✅ | ✅ | ✅ | | | | | 1.7 | | ✅ | ✅ | ✅ | | | | 1.8 | | ✅ | ✅ | ✅ | ✅ | ✅ | | 1.9 | | ✅ | | ✅ | ✅ | ✅ | | 1.10 | | ✅ | | ✅ | ✅ | ✅ |

    opened by andreif 6
  • The readme is broken in pypi

    The readme is broken in pypi

    The readme is broken in pypi, I think that the problem is that the underlined should have the same length that the text. You should to change this:

    Authentication
-----

    For this

    Authentication
--------------

    The same with Documentation.

    Congratulations for this app :-)

    opened by goinnn 2
  • Remove remaining markdown use from api/call.html template

    Remove remaining markdown use from api/call.html template

    A left-over "load markdown" tag, and use of its restructured-text filter on the docstring description were causing this view to fail since markdown dependency had been eliminated. This patch just prints the "docstring" value unformatted.

    opened by reduxionist 1
  • Run against Django 1.11 + Minor fix

    Run against Django 1.11 + Minor fix

    In addition to running against 1.11, this fixes a small issue that affects Django1.9+ where the value of the custom UUIDField does not go through formapi.utils.prepare_uuid_string on retrieval, because Django does not call to_python on assignment after deprecating SubfieldBase. The fix is to also call prepare_uuid_string on from_db_value method of the field. The added test would fail on Django >= 1.9 without overriding from_db_value,

    Not sure if it'd make more sense to use Django's own UUIDField with 1.8+ and override methods to call our prepare_uuid_string.

    opened by beshrkayali 2
  • Improved hash space and expressivity

    Improved hash space and expressivity

    Previously all random data came from Python’s built-in UUID4 encoded in hexadecimal. Hexadecimal encodes 16 values in one byte, that means there is a 4:8 ratio of meaningful bits to each byte of hexadecimal encoding. Instead we use base64 which encodes at a 6:8 ratio. This has the added benefit of looking better.

    opened by lericson 3
  • The model form are supported in the formapi and details

    The model form are supported in the formapi and details

    1. Now the model form are supported in the formapi.
    2. A simple way to pass the request to your form (request_passed)
    3. If you overwrite the get_form_kwargs method you can pass more parameters to your form
    4. And some details: reorder the imports, change API.xxx to cls.xxx or self.xxx, remove the clean method from APICall, etc
    opened by goinnn 8
Releases(0.1.0)
Owner
5 Monkeys
5 Monkeys
GitHub Repository
A Django app to initialize Sentry client for your Django applications

Dj_sentry This Django application intialize Sentry SDK to your Django application. How to install You can install this packaging by using: pip install

Gandi 1 Dec 09, 2021
A simple trivia quizzz web app made using django

Trivia Quizzz A simple trivia quizzz web app made using django Demo http://triviaquizzz.herokuapp.com/ & https://triviaquiz.redcrypt.xyz Features Goog

Rachit Khurana 2 Feb 10, 2022
A visual indicator of what environment/system you're using in django

A visual indicator of what environment/system you're using in django

Mark Walker 4 Nov 26, 2022
PostgreSQL with Docker + Portainer + pgAdmin + Django local

django-postgresql-docker Running PostgreSQL with Docker + Portainer + pgAdmin + Django local for development. This project was done with: Python 3.9.8

Regis Santos 4 Jun 12, 2022
Projeto onde podes inserir notícias, ver todas as notícias guardas e filtrar por tag. A base de dados usada é o mongoDB.

djangoProject Projeto onde podes inserir notícias, ver todas as notícias guardas e filtrar por tag. A base de dados usada é o mongoDB. packages utiliz

Sofia Rocha 1 Feb 22, 2022
Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Am.Chris_KE 1 Feb 14, 2022
Service request portal on top of Ansible Tower

Squest - A service request portal based on Ansible Tower Squest is a Web portal that allow to expose Tower based automation as a service. If you want

Hewlett Packard Enterprise 183 Jan 04, 2023
Simple XML-RPC and JSON-RPC server for modern Django

django-modern-rpc Build an XML-RPC and/or JSON-RPC server as part of your Django project. Major Django and Python versions are supported Main features

Antoine Lorence 82 Dec 04, 2022
Easily share data across your company via SQL queries. From Grove Collab.

SQL Explorer SQL Explorer aims to make the flow of data between people fast, simple, and confusion-free. It is a Django-based application that you can

Grove Collaborative 2.1k Dec 30, 2022
Full-text multi-table search application for Django. Easy to install and use, with good performance.

django-watson django-watson is a fast multi-model full-text search plugin for Django. It is easy to install and use, and provides high quality search

Dave Hall 1.1k Dec 22, 2022
Django-environ allows you to utilize 12factor inspired environment variables to configure your Django application.

Django-environ django-environ allows you to use Twelve-factor methodology to configure your Django application with environment variables. import envi

Daniele Faraglia 2.7k Jan 07, 2023
A calendaring app for Django. It is now stable, Please feel free to use it now. Active development has been taken over by bartekgorny.

Django-schedule A calendaring/scheduling application, featuring: one-time and recurring events calendar exceptions (occurrences changed or cancelled)

Tony Hauber 814 Dec 26, 2022
An API was build with Django to store and retrieve information about various musical instruments.

The project is meant to be a starting point, an experimentation or a basic example of a way to develop an API with Django. It is an exercise on using Django and various python technologies and design

Kostas Ziovas 2 Dec 25, 2021
Source code for Django for Beginners 3.2

The official source code for https://djangoforbeginners.com/. Available as an ebook or in Paperback. If you have the 3.1 version, please refer to this

William Vincent 10 Jan 03, 2023
TinyApp - A Python (Django) Full Stack Application for shortening URLs

TinyApp A Python (Django) Full Stack Application for shortening URLs. How to sta

Li Deng 1 Jan 23, 2022
Pipeline is an asset packaging library for Django.

Pipeline Pipeline is an asset packaging library for Django, providing both CSS and JavaScript concatenation and compression, built-in JavaScript templ

Jazzband 1.4k Jan 03, 2023
Simple alternative to Doodle polls and scheduling (Python 3, Django 3, JavaScript)

What is jawanndenn? jawanndenn is a simple web application to schedule meetings and run polls, a libre alternative to Doodle. It is using the followin

Sebastian Pipping 169 Jan 06, 2023
Use minify-html, the extremely fast HTML + JS + CSS minifier, with Django.

django-minify-html Use minify-html, the extremely fast HTML + JS + CSS minifier, with Django. Requirements Python 3.8 to 3.10 supported. Django 2.2 to

Adam Johnson 60 Dec 28, 2022
Official Python agent for the Elastic APM

elastic-apm -- Elastic APM agent for Python This is the official Python module for Elastic APM. It provides full out-of-the-box support for many of th

elastic 369 Jan 05, 2023
Django application and library for importing and exporting data with admin integration.

django-import-export django-import-export is a Django application and library for importing and exporting data with included admin integration. Featur

2.6k Dec 26, 2022