This website was designed for a school project with specific requirements and fixed constraints. It was developed in a limited period of time and, in this context, is not intended to evolve much once finished. This project is not open to contribution. The following need is fictional.
SoftDesk, a software publishing company, decided to develop an application to report and track technical problems. I was hired as a software engineer to create an efficient and secure back-end to serve front-end applications on different platforms, using a RESTful API for their communications.
The API provides the following resources:
- Users:
  - Username, password, birthdate, GDPR data.
- Contributors:
  - User-project association.
- Projects:
  - Title, description, type of project, list of contributors.
- Issues (related to a project):
  - Title, description, assignment to a contributor, priority, type of issue, status of progression.
- Comments (related to an issue):
  - Description.
The API allows:
- Unauthenticated users to:
  - create users.
- Authenticated users to:
  - modify or delete their user profile,
  - create projects,
  - add contributors to their created projects,
  - delete added contributors,
  - modify and delete their created projects.
- Authenticated contributors to:
  - add contributors to collaborating projects,
  - delete added contributors,
  - create issues and comments in collaborating projects,
  - read project details, issues and comments from collaborating projects,
  - modify and delete their posted issues and comments.
Note: The API uses bearer authentication (token) as its HTTP authentication scheme.
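The access rules above, modelled as an object-level permission check. This is an added example, not code from this project: it is dependency-free Python that reuses the method names of DRF's `BasePermission`. The `Project` and `Issue` stand-ins, the `allowed` helper, and the rule that a project's author counts as a contributor are assumptions.

```python
from dataclasses import dataclass, field
from types import SimpleNamespace

SAFE_METHODS = ("GET", "HEAD", "OPTIONS")  # read-only methods, as in DRF


@dataclass
class Project:  # hypothetical stand-in for the project model
    author: str
    contributors: set = field(default_factory=set)


@dataclass
class Issue:  # hypothetical stand-in; a comment would carry the same two fields
    author: str
    project: Project


class IsContributorReadAuthorWrite:
    """Contributors may read; only the object's author may modify or delete it."""

    def has_permission(self, request, view=None):
        # View-level gate: no bearer token means no authenticated user.
        return request.user is not None

    def has_object_permission(self, request, view, obj):
        project = obj if isinstance(obj, Project) else obj.project
        # Assumption: the project's author is treated as a contributor.
        is_member = request.user == project.author or request.user in project.contributors
        if not is_member:
            return False  # non-contributors get nothing, not even reads
        if request.method in SAFE_METHODS:
            return True
        return request.user == obj.author  # PATCH/PUT/DELETE: author only


def allowed(user, method, obj):
    """Run the view-level check first, then the object-level check."""
    perm = IsContributorReadAuthorWrite()
    request = SimpleNamespace(user=user, method=method)
    return perm.has_permission(request) and perm.has_object_permission(request, None, obj)


# Constructed sample data: alice owns the project, bob contributes and posted the issue.
project = Project(author="alice", contributors={"bob"})
issue = Issue(author="bob", project=project)
```

Checking membership before authorship means a user removed from a project also loses write access to issues they posted there; whether the real API behaves this way is not stated on this page.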
The API exposes the following URLs:
- Users
  - `http://localhost:8000/api/users/` POST and GET
  - `http://localhost:8000/api/users/<user_pk>` GET, PATCH, PUT, DELETE
  - `http://localhost:8000/api/users/<user_pk>/change_password/` POST
- Projects
  - `http://localhost:8000/api/projects/` POST and GET
  - `http://localhost:8000/api/projects/<project_pk>` GET, PATCH, PUT, DELETE
- Contributors
  - `http://localhost:8000/api/contributors/` POST and GET
  - `http://localhost:8000/api/contributors/<user_pk>` GET, DELETE
- Issues
  - `http://localhost:8000/api/issues/` POST and GET
  - `http://localhost:8000/api/issues/<issue_pk>` GET, PATCH, PUT, DELETE
- Comments
  - `http://localhost:8000/api/comments/` POST and GET
  - `http://localhost:8000/api/comments/<comment_pk>` GET, PATCH, PUT, DELETE
- Authentication

Where `<resourcename_pk>` is the primary key (often an id) of the database entry.
The back-end:
- is a REST API
- is GDPR (General Data Protection Regulation) compliant
- is optimized (using pagination and method-adapted serializers)
- is secure (using token authentication and custom permissions)
The python code:
This application was tested with Python 3.11 and Poetry 1.5 (for the virtual environment and dependencies).
- Django REST Framework (`djangorestframework` 3.14).
- Simple JWT (`djangorestframework-simplejwt` 5.3)
- Clone this repository:

  `git clone https://github.com/nanakin/OC-P10-DRF.git DRF-project`

- Move to the project directory:

  `cd DRF-project`

- Install poetry if not installed yet, by following the official documentation here: https://python-poetry.org/docs/#installation

- Install project dependencies in a new virtual environment using poetry:

  `poetry install`

  and use it:

  `poetry shell`

- Migrate the database:

  `python3 manage.py migrate`

- Launch the server:

  `python3 manage.py runserver`

- Start using API endpoints:

  `http://localhost:8000/api/...`