2014-12-09 13:06:23 +03:00
# [Django REST framework][docs]
2014-07-18 16:20:03 +04:00
[![build-status-image]][travis]
2015-08-03 18:57:18 +03:00
[![coverage-status-image]][codecov]
2014-11-13 15:06:45 +03:00
[![pypi-version]][pypi]
2016-04-19 17:09:16 +03:00
[![Gitter ](https://badges.gitter.im/tomchristie/django-rest-framework.svg )](https://gitter.im/tomchristie/django-rest-framework?utm_source=badge& utm_medium=badge& utm_campaign=pr-badge)
2014-07-18 16:20:03 +04:00
2014-11-29 22:23:55 +03:00
**Awesome web-browsable Web APIs.**
2014-07-18 16:20:03 +04:00
2014-11-03 17:43:00 +03:00
Full documentation for the project is available at [http://www.django-rest-framework.org][docs].
---
2016-06-23 15:29:38 +03:00
# Funding
REST framework is a *collaboratively funded project* . If you use
REST framework commercially we strongly encourage you to invest in its
2017-11-27 13:32:17 +03:00
continued development by [signing up for a paid plan][funding].
2016-06-23 15:29:38 +03:00
The initial aim is to provide a single full-time position on REST framework.
2016-08-11 18:53:34 +03:00
*Every single sign-up makes a significant impact towards making that possible.*
2016-06-23 15:29:38 +03:00
2017-11-27 13:32:17 +03:00
[![][rover-img]][rover-url]
[![][sentry-img]][sentry-url]
[![][stream-img]][stream-url]
[![][machinalis-img]][machinalis-url]
[![][rollbar-img]][rollbar-url]
2016-06-23 15:29:38 +03:00
2017-11-27 13:32:17 +03:00
Many thanks to all our [wonderful sponsors][sponsors], and in particular to our premium backers, [Rover][rover-url], [Sentry][sentry-url], [Stream][stream-url], [Machinalis][machinalis-url], and [Rollbar][rollbar-url].
2014-11-03 17:43:00 +03:00
---
2014-07-18 16:20:03 +04:00
2012-08-29 23:57:37 +04:00
# Overview
2014-08-18 23:51:08 +04:00
Django REST framework is a powerful and flexible toolkit for building Web APIs.
2012-10-30 16:23:17 +04:00
2013-04-30 12:32:11 +04:00
Some reasons you might want to use REST framework:
2012-08-29 23:57:37 +04:00
2014-11-29 22:23:55 +03:00
* The [Web browsable API][sandbox] is a huge usability win for your developers.
2014-12-12 18:37:43 +03:00
* [Authentication policies][authentication] including optional packages for [OAuth1a][oauth1-section] and [OAuth2][oauth2-section].
2013-06-27 16:41:42 +04:00
* [Serialization][serializers] that supports both [ORM][modelserializer-section] and [non-ORM][serializer-section] data sources.
* Customizable all the way down - just use [regular function-based views][functionview-section] if you don't need the [more][generic-views] [powerful][viewsets] [features][routers].
2015-03-07 17:50:31 +03:00
* [Extensive documentation][docs], and [great community support][group].
2012-10-30 16:23:17 +04:00
2013-04-30 12:32:11 +04:00
There is a live example API for testing purposes, [available here][sandbox].
2012-08-29 23:57:37 +04:00
2014-11-29 22:23:55 +03:00
**Below**: *Screenshot from the browsable API*
2013-04-30 11:33:33 +04:00
![Screenshot][image]
2017-11-27 13:32:17 +03:00
----
2012-08-29 23:57:37 +04:00
# Requirements
2017-10-06 14:18:31 +03:00
* Python (2.7, 3.4, 3.5, 3.6)
2017-12-20 17:28:31 +03:00
* Django (1.10, 1.11, 2.0)
2012-08-29 23:57:37 +04:00
# Installation
2013-04-30 11:33:33 +04:00
Install using `pip` ...
2012-08-29 23:57:37 +04:00
2012-10-26 22:55:23 +04:00
pip install djangorestframework
2012-12-27 21:53:07 +04:00
Add `'rest_framework'` to your `INSTALLED_APPS` setting.
INSTALLED_APPS = (
...
2014-08-20 19:24:52 +04:00
'rest_framework',
2012-12-27 21:53:07 +04:00
)
2013-04-30 11:33:33 +04:00
# Example
2013-05-02 15:08:05 +04:00
Let's take a look at a quick example of using REST framework to build a simple model-backed API for accessing users and groups.
2013-04-30 17:34:42 +04:00
2014-11-29 21:50:51 +03:00
Startup up a new project like so...
2014-08-20 19:24:52 +04:00
pip install django
pip install djangorestframework
2014-08-29 17:01:54 +04:00
django-admin.py startproject example .
2016-02-03 13:01:37 +03:00
./manage.py migrate
./manage.py createsuperuser
2014-08-20 19:24:52 +04:00
Now edit the `example/urls.py` module in your project:
2012-09-02 00:35:30 +04:00
2013-11-18 11:21:09 +04:00
```python
2014-08-20 19:24:52 +04:00
from django.conf.urls import url, include
from django.contrib.auth.models import User
from rest_framework import serializers, viewsets, routers
# Serializers define the API representation.
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ('url', 'username', 'email', 'is_staff')
2012-09-02 00:35:30 +04:00
2013-11-18 11:21:09 +04:00
# ViewSets define the view behavior.
class UserViewSet(viewsets.ModelViewSet):
2014-08-20 19:24:52 +04:00
queryset = User.objects.all()
serializer_class = UserSerializer
2013-04-30 11:33:33 +04:00
2014-11-29 21:50:51 +03:00
2014-08-20 19:24:52 +04:00
# Routers provide a way of automatically determining the URL conf.
2013-11-18 11:21:09 +04:00
router = routers.DefaultRouter()
router.register(r'users', UserViewSet)
2013-04-30 11:33:33 +04:00
2013-11-18 11:21:09 +04:00
# Wire up our API using automatic URL routing.
2014-11-29 22:23:55 +03:00
# Additionally, we include login URLs for the browsable API.
2014-08-20 19:24:52 +04:00
urlpatterns = [
2013-11-18 11:21:09 +04:00
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
2014-08-20 19:24:52 +04:00
]
2013-11-18 11:21:09 +04:00
```
2013-03-06 16:29:32 +04:00
2013-05-02 15:08:05 +04:00
We'd also like to configure a couple of settings for our API.
Add the following to your `settings.py` module:
2013-11-18 11:21:09 +04:00
```python
2014-08-20 19:24:52 +04:00
INSTALLED_APPS = (
... # Make sure to include the default installed apps here.
2014-11-29 21:50:51 +03:00
'rest_framework',
2014-08-20 19:24:52 +04:00
)
2013-11-18 11:21:09 +04:00
2014-08-20 19:24:52 +04:00
REST_FRAMEWORK = {
2013-11-18 11:21:09 +04:00
# Use Django's standard `django.contrib.auth` permissions,
# or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
]
}
```
2013-05-02 15:08:05 +04:00
That's it, we're done!
2014-08-20 19:24:52 +04:00
./manage.py runserver
You can now open the API in your browser at `http://127.0.0.1:8000/` , and view your new 'users' API. If you use the `Login` control in the top right corner you'll also be able to add, create and delete users from the system.
You can also interact with the API using command line tools such as [`curl` ](http://curl.haxx.se/ ). For example, to list the users endpoint:
$ curl -H 'Accept: application/json; indent=4' -u admin:password http://127.0.0.1:8000/users/
[
{
2014-11-29 21:50:51 +03:00
"url": "http://127.0.0.1:8000/users/1/",
"username": "admin",
"email": "admin@example.com",
"is_staff": true,
2014-08-20 19:24:52 +04:00
}
]
Or to create a new user:
$ curl -X POST -d username=new -d email=new@example.com -d is_staff=false -H 'Accept: application/json; indent=4' -u admin:password http://127.0.0.1:8000/users/
{
2014-11-29 21:50:51 +03:00
"url": "http://127.0.0.1:8000/users/2/",
"username": "new",
"email": "new@example.com",
"is_staff": false,
2014-08-20 19:24:52 +04:00
}
2013-04-30 11:40:52 +04:00
# Documentation & Support
2013-03-06 16:29:32 +04:00
2014-01-08 19:49:19 +04:00
Full documentation for the project is available at [http://www.django-rest-framework.org][docs].
2013-04-30 11:40:52 +04:00
For questions and support, use the [REST framework discussion group][group], or `#restframework` on freenode IRC.
2013-04-30 12:32:11 +04:00
You may also want to [follow the author on Twitter][twitter].
2013-04-30 11:40:52 +04:00
2013-05-22 19:45:33 +04:00
# Security
2016-08-17 21:42:40 +03:00
If you believe you've found something in Django REST framework which has security implications, please **do not raise the issue in a public forum** .
2013-05-22 19:45:33 +04:00
Send a description of the issue via email to [rest-framework-security@googlegroups.com][security-mail]. The project maintainers will then work with you to resolve any issues where required, prior to any public disclosure.
2017-04-07 17:28:35 +03:00
[build-status-image]: https://secure.travis-ci.org/encode/django-rest-framework.svg?branch=master
[travis]: http://travis-ci.org/encode/django-rest-framework?branch=master
[coverage-status-image]: https://img.shields.io/codecov/c/github/encode/django-rest-framework/master.svg
[codecov]: http://codecov.io/github/encode/django-rest-framework?branch=master
2015-05-27 17:47:44 +03:00
[pypi-version]: https://img.shields.io/pypi/v/djangorestframework.svg
2014-11-13 15:06:45 +03:00
[pypi]: https://pypi.python.org/pypi/djangorestframework
2012-08-29 23:57:37 +04:00
[twitter]: https://twitter.com/_tomchristie
2012-12-18 02:00:25 +04:00
[group]: https://groups.google.com/forum/?fromgroups#!forum/django-rest-framework
2012-10-30 16:23:17 +04:00
[sandbox]: http://restframework.herokuapp.com/
2013-06-27 16:41:42 +04:00
2016-06-23 15:29:38 +03:00
[funding]: https://fund.django-rest-framework.org/topics/funding/
[sponsors]: https://fund.django-rest-framework.org/topics/funding/#our-sponsors
2017-11-27 13:32:17 +03:00
[rover-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/rover-readme.png
[sentry-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/sentry-readme.png
[stream-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/stream-readme.png
[machinalis-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/machinalis-readme.png
[rollbar-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/rollbar-readme.png
[rover-url]: http://jobs.rover.com/
[sentry-url]: https://getsentry.com/welcome/
[stream-url]: https://getstream.io/try-the-api/?utm_source=drf& utm_medium=banner& utm_campaign=drf
[machinalis-url]: https://hello.machinalis.co.uk/
[rollbar-url]: https://rollbar.com/
2015-01-05 15:26:15 +03:00
[oauth1-section]: http://www.django-rest-framework.org/api-guide/authentication/#django-rest-framework-oauth
[oauth2-section]: http://www.django-rest-framework.org/api-guide/authentication/#django-oauth-toolkit
2015-01-10 19:17:37 +03:00
[serializer-section]: http://www.django-rest-framework.org/api-guide/serializers/#serializers
[modelserializer-section]: http://www.django-rest-framework.org/api-guide/serializers/#modelserializer
[functionview-section]: http://www.django-rest-framework.org/api-guide/views/#function-based-views
[generic-views]: http://www.django-rest-framework.org/api-guide/generic-views/
[viewsets]: http://www.django-rest-framework.org/api-guide/viewsets/
[routers]: http://www.django-rest-framework.org/api-guide/routers/
[serializers]: http://www.django-rest-framework.org/api-guide/serializers/
[authentication]: http://www.django-rest-framework.org/api-guide/authentication/
2014-01-08 19:49:19 +04:00
[image]: http://www.django-rest-framework.org/img/quickstart.png
2012-10-30 16:23:17 +04:00
2014-01-08 19:49:19 +04:00
[docs]: http://www.django-rest-framework.org/
2013-05-22 19:45:33 +04:00
[security-mail]: mailto:rest-framework-security@googlegroups.com