Creating delicious APIs for Django apps since 2010.
Currently in beta but being used actively in production on several sites.
- Python 3.6+, preferably 3.8+ (Whatever is supported by your version of Django)
- Django 2.2, 3.2 (LTS releases), 4.0, or Django 4.1 (latest release)
- dateutil (http://labix.org/python-dateutil) >= 2.1
- XML: lxml 3 (http://lxml.de/) and defusedxml (https://pypi.python.org/pypi/defusedxml)
- YAML: pyyaml (http://pyyaml.org/)
- binary plist: biplist (https://bitbucket.org/wooster/biplist)
- HTTP Digest authentication: python3-digest (https://bitbucket.org/akoha/python-digest/)
A basic example looks like:
# myapp/api.py
# ============
from tastypie.resources import ModelResource
from myapp.models import Entry
class EntryResource(ModelResource):
class Meta:
queryset = Entry.objects.all()
# urls.py
# =======
from django.urls.conf import re_path, include
from tastypie.api import Api
from myapp.api import EntryResource
v1_api = Api(api_name='v1')
v1_api.register(EntryResource())
urlpatterns = [
# The normal jazz here then...
re_path(r'^api/', include(v1_api.urls)),
]
That gets you a fully working, read-write API for the Entry
model that
supports all CRUD operations in a RESTful way. JSON/XML/YAML support is already
there, and it's easy to add related data/authentication/caching.
You can find more in the documentation at https://django-tastypie.readthedocs.io/.
There are other API frameworks out there for Django. You need to assess the options available and decide for yourself. That said, here are some common reasons for tastypie.
- You need an API that is RESTful and uses HTTP well.
- You want to support deep relations.
- You DON'T want to have to write your own serializer to make the output right.
- You want an API framework that has little magic, very flexible and maps well to the problem domain.
- You want/need XML serialization that is treated equally to JSON (and YAML is there too).
- https://django-tastypie.readthedocs.io/en/latest/
- https://github.com/django-tastypie/django-tastypie/tree/master/tests/basic shows basic usage of tastypie
- http://en.wikipedia.org/wiki/REST
- http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
- http://www.ietf.org/rfc/rfc2616.txt
- http://jacobian.org/writing/rest-worst-practices/
There are two primary ways of getting help.
- Go to StackOverflow and post a question with the
tastypie
tag. - We have an IRC channel (#tastypie on irc.freenode.net) to get help, bounce an idea by us, or generally shoot the breeze.
Tastypie is committed to providing a flexible and secure API, and was designed with many security features and options in mind. Due to the complex nature of APIs and the constant discovery of new attack vectors and vulnerabilities, no software is immune to security holes. We rely on our community to report and help us investigate security issues.
If you come across a security hole please do not open a Github issue.
Instead, drop us an email at tastypie-security@googlegroups.com
We'll then work together to investigate and resolve the problem so we can announce a solution along with the vulnerability.