2014-12-09 13:06:23 +03:00
# [Django REST framework][docs]
2014-07-18 16:20:03 +04:00
[![build-status-image]][travis]
2015-08-03 18:57:18 +03:00
[![coverage-status-image]][codecov]
2014-11-13 15:06:45 +03:00
[![pypi-version]][pypi]
2016-04-19 17:09:16 +03:00
[![Gitter ](https://badges.gitter.im/tomchristie/django-rest-framework.svg )](https://gitter.im/tomchristie/django-rest-framework?utm_source=badge& utm_medium=badge& utm_campaign=pr-badge)
2014-07-18 16:20:03 +04:00
2014-11-29 22:23:55 +03:00
**Awesome web-browsable Web APIs.**
2014-07-18 16:20:03 +04:00
2014-11-03 17:43:00 +03:00
Full documentation for the project is available at [http://www.django-rest-framework.org][docs].
---
2016-06-23 15:29:38 +03:00
# Funding
REST framework is a *collaboratively funded project* . If you use
REST framework commercially we strongly encourage you to invest in its
2017-11-27 13:32:17 +03:00
continued development by [signing up for a paid plan][funding].
2016-06-23 15:29:38 +03:00
The initial aim is to provide a single full-time position on REST framework.
2016-08-11 18:53:34 +03:00
*Every single sign-up makes a significant impact towards making that possible.*
2016-06-23 15:29:38 +03:00
2017-11-27 13:32:17 +03:00
[![][rover-img]][rover-url]
[![][sentry-img]][sentry-url]
[![][stream-img]][stream-url]
[![][machinalis-img]][machinalis-url]
[![][rollbar-img]][rollbar-url]
2016-06-23 15:29:38 +03:00
2017-11-27 13:32:17 +03:00
Many thanks to all our [wonderful sponsors][sponsors], and in particular to our premium backers, [Rover][rover-url], [Sentry][sentry-url], [Stream][stream-url], [Machinalis][machinalis-url], and [Rollbar][rollbar-url].
2014-11-03 17:43:00 +03:00
---
2014-07-18 16:20:03 +04:00
2012-08-29 23:57:37 +04:00
# Overview
2014-08-18 23:51:08 +04:00
Django REST framework is a powerful and flexible toolkit for building Web APIs.
2012-10-30 16:23:17 +04:00
2013-04-30 12:32:11 +04:00
Some reasons you might want to use REST framework:
2012-08-29 23:57:37 +04:00
2014-11-29 22:23:55 +03:00
* The [Web browsable API][sandbox] is a huge usability win for your developers.
2014-12-12 18:37:43 +03:00
* [Authentication policies][authentication] including optional packages for [OAuth1a][oauth1-section] and [OAuth2][oauth2-section].
2013-06-27 16:41:42 +04:00
* [Serialization][serializers] that supports both [ORM][modelserializer-section] and [non-ORM][serializer-section] data sources.
* Customizable all the way down - just use [regular function-based views][functionview-section] if you don't need the [more][generic-views] [powerful][viewsets] [features][routers].
2015-03-07 17:50:31 +03:00
* [Extensive documentation][docs], and [great community support][group].
2012-10-30 16:23:17 +04:00
2013-04-30 12:32:11 +04:00
There is a live example API for testing purposes, [available here][sandbox].
2012-08-29 23:57:37 +04:00
2014-11-29 22:23:55 +03:00
**Below**: *Screenshot from the browsable API*
2013-04-30 11:33:33 +04:00
![Screenshot][image]
2017-11-27 13:32:17 +03:00
----
2012-08-29 23:57:37 +04:00
# Requirements
2017-10-06 14:18:31 +03:00
* Python (2.7, 3.4, 3.5, 3.6)
2017-12-20 17:28:31 +03:00
* Django (1.10, 1.11, 2.0)
2012-08-29 23:57:37 +04:00
# Installation
2013-04-30 11:33:33 +04:00
Install using `pip` ...
2012-08-29 23:57:37 +04:00
2012-10-26 22:55:23 +04:00
pip install djangorestframework
2012-12-27 21:53:07 +04:00
Add `'rest_framework'` to your `INSTALLED_APPS` setting.
INSTALLED_APPS = (
...
2014-08-20 19:24:52 +04:00
'rest_framework',
2012-12-27 21:53:07 +04:00
)
2013-04-30 11:33:33 +04:00
# Example
2013-05-02 15:08:05 +04:00
Let's take a look at a quick example of using REST framework to build a simple model-backed API for accessing users and groups.
2013-04-30 17:34:42 +04:00
2014-11-29 21:50:51 +03:00
Startup up a new project like so...
2014-08-20 19:24:52 +04:00
pip install django
pip install djangorestframework
2014-08-29 17:01:54 +04:00
django-admin.py startproject example .
2016-02-03 13:01:37 +03:00
./manage.py migrate
./manage.py createsuperuser
2014-08-20 19:24:52 +04:00
Now edit the `example/urls.py` module in your project:
2012-09-02 00:35:30 +04:00
2013-11-18 11:21:09 +04:00
```python
2014-08-20 19:24:52 +04:00
from django.conf.urls import url, include
from django.contrib.auth.models import User
from rest_framework import serializers, viewsets, routers
# Serializers define the API representation.
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ('url', 'username', 'email', 'is_staff')
2012-09-02 00:35:30 +04:00
2013-11-18 11:21:09 +04:00
# ViewSets define the view behavior.
class UserViewSet(viewsets.ModelViewSet):
2014-08-20 19:24:52 +04:00
queryset = User.objects.all()
serializer_class = UserSerializer
2013-04-30 11:33:33 +04:00
2014-11-29 21:50:51 +03:00
2014-08-20 19:24:52 +04:00
# Routers provide a way of automatically determining the URL conf.
2013-11-18 11:21:09 +04:00
router = routers.DefaultRouter()
router.register(r'users', UserViewSet)
2013-04-30 11:33:33 +04:00
2013-11-18 11:21:09 +04:00
# Wire up our API using automatic URL routing.
2014-11-29 22:23:55 +03:00
# Additionally, we include login URLs for the browsable API.
2014-08-20 19:24:52 +04:00
urlpatterns = [
2013-11-18 11:21:09 +04:00
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
2014-08-20 19:24:52 +04:00
]
2013-11-18 11:21:09 +04:00
```
2013-03-06 16:29:32 +04:00
2013-05-02 15:08:05 +04:00
We'd also like to configure a couple of settings for our API.
Add the following to your `settings.py` module:
2013-11-18 11:21:09 +04:00
```python
2014-08-20 19:24:52 +04:00
INSTALLED_APPS = (
... # Make sure to include the default installed apps here.
2014-11-29 21:50:51 +03:00
'rest_framework',
2014-08-20 19:24:52 +04:00
)
2013-11-18 11:21:09 +04:00
2014-08-20 19:24:52 +04:00
REST_FRAMEWORK = {
2013-11-18 11:21:09 +04:00
# Use Django's standard `django.contrib.auth` permissions,
# or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
]
}
```
2013-05-02 15:08:05 +04:00
That's it, we're done!
2014-08-20 19:24:52 +04:00
./manage.py runserver
You can now open the API in your browser at `http://127.0.0.1:8000/` , and view your new 'users' API. If you use the `Login` control in the top right corner you'll also be able to add, create and delete users from the system.
2018-01-08 18:22:32 +03:00
You can also interact with the API using command line tools such as [`curl` ](https://curl.haxx.se/ ). For example, to list the users endpoint:
2014-08-20 19:24:52 +04:00
$ curl -H 'Accept: application/json; indent=4' -u admin:password http://127.0.0.1:8000/users/
[
{
2014-11-29 21:50:51 +03:00
"url": "http://127.0.0.1:8000/users/1/",
"username": "admin",
"email": "admin@example.com",
"is_staff": true,
2014-08-20 19:24:52 +04:00
}
]
Or to create a new user:
$ curl -X POST -d username=new -d email=new@example.com -d is_staff=false -H 'Accept: application/json; indent=4' -u admin:password http://127.0.0.1:8000/users/
{
2014-11-29 21:50:51 +03:00
"url": "http://127.0.0.1:8000/users/2/",
"username": "new",
"email": "new@example.com",
"is_staff": false,
2014-08-20 19:24:52 +04:00
}
2013-04-30 11:40:52 +04:00
# Documentation & Support
2013-03-06 16:29:32 +04:00
2014-01-08 19:49:19 +04:00
Full documentation for the project is available at [http://www.django-rest-framework.org][docs].
2013-04-30 11:40:52 +04:00
For questions and support, use the [REST framework discussion group][group], or `#restframework` on freenode IRC.
2013-04-30 12:32:11 +04:00
You may also want to [follow the author on Twitter][twitter].
2013-04-30 11:40:52 +04:00
2013-05-22 19:45:33 +04:00
# Security
2016-08-17 21:42:40 +03:00
If you believe you've found something in Django REST framework which has security implications, please **do not raise the issue in a public forum** .
2013-05-22 19:45:33 +04:00
Send a description of the issue via email to [rest-framework-security@googlegroups.com][security-mail]. The project maintainers will then work with you to resolve any issues where required, prior to any public disclosure.
2017-04-07 17:28:35 +03:00
[build-status-image]: https://secure.travis-ci.org/encode/django-rest-framework.svg?branch=master
2018-01-08 18:22:32 +03:00
[travis]: https://travis-ci.org/encode/django-rest-framework?branch=master
2017-04-07 17:28:35 +03:00
[coverage-status-image]: https://img.shields.io/codecov/c/github/encode/django-rest-framework/master.svg
2018-01-08 18:22:32 +03:00
[codecov]: https://codecov.io/github/encode/django-rest-framework?branch=master
2015-05-27 17:47:44 +03:00
[pypi-version]: https://img.shields.io/pypi/v/djangorestframework.svg
2014-11-13 15:06:45 +03:00
[pypi]: https://pypi.python.org/pypi/djangorestframework
2012-08-29 23:57:37 +04:00
[twitter]: https://twitter.com/_tomchristie
2012-12-18 02:00:25 +04:00
[group]: https://groups.google.com/forum/?fromgroups#!forum/django-rest-framework
2018-01-08 18:22:32 +03:00
[sandbox]: https://restframework.herokuapp.com/
2013-06-27 16:41:42 +04:00
2016-06-23 15:29:38 +03:00
[funding]: https://fund.django-rest-framework.org/topics/funding/
[sponsors]: https://fund.django-rest-framework.org/topics/funding/#our-sponsors
2017-11-27 13:32:17 +03:00
[rover-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/rover-readme.png
[sentry-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/sentry-readme.png
[stream-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/stream-readme.png
[machinalis-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/machinalis-readme.png
[rollbar-img]: https://raw.githubusercontent.com/encode/django-rest-framework/master/docs/img/premium/rollbar-readme.png
[rover-url]: http://jobs.rover.com/
[sentry-url]: https://getsentry.com/welcome/
[stream-url]: https://getstream.io/try-the-api/?utm_source=drf& utm_medium=banner& utm_campaign=drf
[machinalis-url]: https://hello.machinalis.co.uk/
[rollbar-url]: https://rollbar.com/
2015-01-05 15:26:15 +03:00
[oauth1-section]: http://www.django-rest-framework.org/api-guide/authentication/#django-rest-framework-oauth
[oauth2-section]: http://www.django-rest-framework.org/api-guide/authentication/#django-oauth-toolkit
2015-01-10 19:17:37 +03:00
[serializer-section]: http://www.django-rest-framework.org/api-guide/serializers/#serializers
[modelserializer-section]: http://www.django-rest-framework.org/api-guide/serializers/#modelserializer
[functionview-section]: http://www.django-rest-framework.org/api-guide/views/#function-based-views
[generic-views]: http://www.django-rest-framework.org/api-guide/generic-views/
[viewsets]: http://www.django-rest-framework.org/api-guide/viewsets/
[routers]: http://www.django-rest-framework.org/api-guide/routers/
[serializers]: http://www.django-rest-framework.org/api-guide/serializers/
[authentication]: http://www.django-rest-framework.org/api-guide/authentication/
2014-01-08 19:49:19 +04:00
[image]: http://www.django-rest-framework.org/img/quickstart.png
2012-10-30 16:23:17 +04:00
2014-01-08 19:49:19 +04:00
[docs]: http://www.django-rest-framework.org/
2013-05-22 19:45:33 +04:00
[security-mail]: mailto:rest-framework-security@googlegroups.com