2016-07-04 18:38:17 +03:00
# Tutorial 7: Schemas & client libraries
A schema is a machine-readable document that describes the available API
endpoints, their URLS, and what operations they support.
Schemas can be a useful tool for auto-generated documentation, and can also
be used to drive dynamic client libraries that can interact with the API.
## Core API
In order to provide schema support REST framework uses [Core API][coreapi].
Core API is a document specification for describing APIs. It is used to provide
an internal representation format of the available endpoints and possible
interactions that an API exposes. It can either be used server-side, or
client-side.
When used server-side, Core API allows an API to support rendering to a wide
range of schema or hypermedia formats.
When used client-side, Core API allows for dynamically driven client libraries
that can interact with any API that exposes a supported schema or hypermedia
format.
## Adding a schema
REST framework supports either explicitly defined schema views, or
automatically generated schemas. Since we're using viewsets and routers,
we can simply use the automatic schema generation.
You'll need to install the `coreapi` python package in order to include an
API schema.
$ pip install coreapi
2016-10-10 15:03:46 +03:00
We can now include a schema for our API, by including an autogenerated schema
view in our URL configuration.
2016-07-04 18:38:17 +03:00
2017-08-14 15:04:52 +03:00
```python
from rest_framework.schemas import get_schema_view
2016-10-10 15:03:46 +03:00
2017-08-14 15:04:52 +03:00
schema_view = get_schema_view(title='Pastebin API')
2016-10-10 15:03:46 +03:00
2017-08-14 15:04:52 +03:00
urlpatterns = [
url(r'^schema/$', schema_view),
...
]
2017-04-28 18:08:54 +03:00
```
2016-07-04 18:38:17 +03:00
If you visit the API root endpoint in a browser you should now see `corejson`
representation become available as an option.
![Schema format ](../img/corejson-format.png )
We can also request the schema from the command line, by specifying the desired
content type in the `Accept` header.
2016-10-21 17:45:28 +03:00
$ http http://127.0.0.1:8000/schema/ Accept:application/coreapi+json
2016-07-04 18:38:17 +03:00
HTTP/1.0 200 OK
Allow: GET, HEAD, OPTIONS
2016-10-21 17:45:28 +03:00
Content-Type: application/coreapi+json
2016-07-04 18:38:17 +03:00
{
"_meta": {
"title": "Pastebin API"
},
"_type": "document",
...
The default output style is to use the [Core JSON][corejson] encoding.
Other schema formats, such as [Open API][openapi] (formerly Swagger) are
also supported.
## Using a command line client
Now that our API is exposing a schema endpoint, we can use a dynamic client
library to interact with the API. To demonstrate this, let's use the
2016-07-14 14:44:13 +03:00
Core API command line client.
The command line client is available as the `coreapi-cli` package:
$ pip install coreapi-cli
Now check that it is available on the command line...
2016-07-04 18:38:17 +03:00
$ coreapi
Usage: coreapi [OPTIONS] COMMAND [ARGS]...
Command line client for interacting with CoreAPI services.
Visit http://www.coreapi.org for more information.
Options:
--version Display the package version number.
--help Show this message and exit.
Commands:
...
First we'll load the API schema using the command line client.
2016-10-10 15:03:46 +03:00
$ coreapi get http://127.0.0.1:8000/schema/
< Pastebin API " http: / / 127 . 0 . 0 . 1:8000 / schema / " >
2016-07-04 18:38:17 +03:00
snippets: {
2016-10-10 15:03:46 +03:00
highlight(id)
2016-07-04 18:38:17 +03:00
list()
2016-10-10 15:03:46 +03:00
read(id)
2016-07-04 18:38:17 +03:00
}
users: {
list()
2016-10-10 15:03:46 +03:00
read(id)
2016-07-04 18:38:17 +03:00
}
We haven't authenticated yet, so right now we're only able to see the read only
endpoints, in line with how we've set up the permissions on the API.
Let's try listing the existing snippets, using the command line client:
$ coreapi action snippets list
[
{
"url": "http://127.0.0.1:8000/snippets/1/",
2016-10-10 15:03:46 +03:00
"id": 1,
2016-07-04 18:38:17 +03:00
"highlight": "http://127.0.0.1:8000/snippets/1/highlight/",
"owner": "lucy",
"title": "Example",
"code": "print('hello, world!')",
"linenos": true,
"language": "python",
"style": "friendly"
},
...
Some of the API endpoints require named parameters. For example, to get back
the highlight HTML for a particular snippet we need to provide an id.
2016-10-10 15:03:46 +03:00
$ coreapi action snippets highlight --param id=1
2016-07-04 18:38:17 +03:00
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
< html >
< head >
< title > Example< / title >
...
## Authenticating our client
If we want to be able to create, edit and delete snippets, we'll need to
authenticate as a valid user. In this case we'll just use basic auth.
Make sure to replace the `<username>` and `<password>` below with your
actual username and password.
$ coreapi credentials add 127.0.0.1 < username > :< password > --auth basic
Added credentials
127.0.0.1 "Basic < ... > "
Now if we fetch the schema again, we should be able to see the full
set of available interactions.
$ coreapi reload
2016-10-10 15:03:46 +03:00
Pastebin API "http://127.0.0.1:8000/schema/">
2016-07-04 18:38:17 +03:00
snippets: {
create(code, [title], [linenos], [language], [style])
2016-10-10 15:03:46 +03:00
delete(id)
highlight(id)
2016-07-04 18:38:17 +03:00
list()
2016-10-10 15:03:46 +03:00
partial_update(id, [title], [code], [linenos], [language], [style])
read(id)
update(id, code, [title], [linenos], [language], [style])
2016-07-04 18:38:17 +03:00
}
users: {
list()
2016-10-10 15:03:46 +03:00
read(id)
2016-07-04 18:38:17 +03:00
}
We're now able to interact with these endpoints. For example, to create a new
snippet:
2016-07-18 17:56:36 +03:00
$ coreapi action snippets create --param title="Example" --param code="print('hello, world')"
2016-07-04 18:38:17 +03:00
{
"url": "http://127.0.0.1:8000/snippets/7/",
2016-10-10 15:03:46 +03:00
"id": 7,
2016-07-04 18:38:17 +03:00
"highlight": "http://127.0.0.1:8000/snippets/7/highlight/",
"owner": "lucy",
"title": "Example",
"code": "print('hello, world')",
"linenos": false,
"language": "python",
"style": "friendly"
}
And to delete a snippet:
2016-10-10 15:03:46 +03:00
$ coreapi action snippets delete --param id=7
2016-07-04 18:38:17 +03:00
As well as the command line client, developers can also interact with your
API using client libraries. The Python client library is the first of these
to be available, and a Javascript client library is planned to be released
soon.
For more details on customizing schema generation and using Core API
client libraries you'll need to refer to the full documentation.
## Reviewing our work
With an incredibly small amount of code, we've now got a complete pastebin Web API, which is fully web browsable, includes a schema-driven client library, and comes complete with authentication, per-object permissions, and multiple renderer formats.
We've walked through each step of the design process, and seen how if we need to customize anything we can gradually work our way down to simply using regular Django views.
You can review the final [tutorial code][repo] on GitHub, or try out a live example in [the sandbox][sandbox].
## Onwards and upwards
We've reached the end of our tutorial. If you want to get more involved in the REST framework project, here are a few places you can start:
* Contribute on [GitHub][github] by reviewing and submitting issues, and making pull requests.
* Join the [REST framework discussion group][group], and help build the community.
* Follow [the author][twitter] on Twitter and say hi.
**Now go build awesome things.**
[coreapi]: http://www.coreapi.org
[corejson]: http://www.coreapi.org/specification/encoding/#core-json-encoding
[openapi]: https://openapis.org/
2017-04-07 17:28:35 +03:00
[repo]: https://github.com/encode/rest-framework-tutorial
2016-07-04 18:38:17 +03:00
[sandbox]: http://restframework.herokuapp.com/
2017-04-07 17:28:35 +03:00
[github]: https://github.com/encode/django-rest-framework
2016-07-04 18:38:17 +03:00
[group]: https://groups.google.com/forum/?fromgroups#!forum/django-rest-framework
[twitter]: https://twitter.com/_tomchristie