encode
diff --git a/‎api-guide/authentication/index.html
Lines changed: 7 additions & 0 deletions b/‎api-guide/authentication/index.html
Lines changed: 7 additions & 0 deletions
diff --git a/‎api-guide/fields/index.html
Lines changed: 2 additions & 2 deletions b/‎api-guide/fields/index.html
Lines changed: 2 additions & 2 deletions
diff --git a/‎api-guide/renderers/index.html
Lines changed: 1 addition & 1 deletion b/‎api-guide/renderers/index.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-guide/routers/index.html
Lines changed: 15 additions & 14 deletions b/‎api-guide/routers/index.html
Lines changed: 15 additions & 14 deletions
diff --git a/‎api-guide/serializers/index.html
Lines changed: 1 addition & 1 deletion b/‎api-guide/serializers/index.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-guide/settings/index.html
Lines changed: 6 additions & 6 deletions b/‎api-guide/settings/index.html
Lines changed: 6 additions & 6 deletions
diff --git a/‎api-guide/testing/index.html
Lines changed: 5 additions & 2 deletions b/‎api-guide/testing/index.html
Lines changed: 5 additions & 2 deletions
diff --git a/‎api-guide/validators/index.html
Lines changed: 1 addition & 1 deletion b/‎api-guide/validators/index.html
Lines changed: 1 addition & 1 deletion
@@ -429,6 +429,10 @@ <h3 id="myModalLabel">Documentation search</h3>
                       <a href="#unauthorized-and-forbidden-responses">Unauthorized and Forbidden responses</a>
                     </li>
 
+                    <li>
+                      <a href="#django-51-loginrequiredmiddleware">Django 5.1+ LoginRequiredMiddleware</a>
+                    </li>
+                  
                     <li>
                       <a href="#apache-mod_wsgi-specific-configuration">Apache mod_wsgi specific configuration</a>
                     </li>
@@ -605,6 +609,9 @@ <h2 id="unauthorized-and-forbidden-responses"><a class="toclink" href="#unauthor
 <p>HTTP 401 responses must always include a <code>WWW-Authenticate</code> header, that instructs the client how to authenticate.  HTTP 403 responses do not include the <code>WWW-Authenticate</code> header.</p>
 <p>The kind of response that will be used depends on the authentication scheme.  Although multiple authentication schemes may be in use, only one scheme may be used to determine the type of response.  <strong>The first authentication class set on the view is used when determining the type of response</strong>.</p>
 <p>Note that when a request may successfully authenticate, but still be denied permission to perform the request, in which case a <code>403 Permission Denied</code> response will always be used, regardless of the authentication scheme.</p>
+<h2 id="django-51-loginrequiredmiddleware"><a class="toclink" href="#django-51-loginrequiredmiddleware">Django 5.1+ <code>LoginRequiredMiddleware</code></a></h2>
+<p>If you're running Django 5.1+ and use the <a href="https://docs.djangoproject.com/en/stable/ref/middleware/#django.contrib.auth.middleware.LoginRequiredMiddleware"><code>LoginRequiredMiddleware</code></a>, please note that all views from DRF are opted-out of this middleware.  This is because the authentication in DRF is based authentication and permissions classes, which may be determined after the middleware has been applied.  Additionally, when the request is not authenticated, the middleware redirects the user to the login page, which is not suitable for API requests, where it's preferable to return a 401 status code.</p>
+<p>REST framework offers an equivalent mechanism for DRF views via the global settings, <code>DEFAULT_AUTHENTICATION_CLASSES</code> and <code>DEFAULT_PERMISSION_CLASSES</code>.  They should be changed accordingly if you need to enforce that API requests are logged in.</p>
 <h2 id="apache-mod_wsgi-specific-configuration"><a class="toclink" href="#apache-mod_wsgi-specific-configuration">Apache mod_wsgi specific configuration</a></h2>
 <p>Note that if deploying to <a href="https://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIPassAuthorization.html">Apache using mod_wsgi</a>, the authorization header is not passed through to a WSGI application by default, as it is assumed that authentication will be handled by Apache, rather than at an application level.</p>
 <p>If you are deploying to Apache, and using any non-session based authentication, you will need to explicitly configure mod_wsgi to pass the required headers through to the application.  This can be done by specifying the <code>WSGIPassAuthorization</code> directive in the appropriate context and setting it to <code>'On'</code>.</p>
 
@@ -832,8 +832,8 @@ <h2 id="decimalfield"><a class="toclink" href="#decimalfield">DecimalField</a></
 <li><code>max_digits</code> The maximum number of digits allowed in the number. It must be either <code>None</code> or an integer greater than or equal to <code>decimal_places</code>.</li>
 <li><code>decimal_places</code> The number of decimal places to store with the number.</li>
 <li><code>coerce_to_string</code> Set to <code>True</code> if string values should be returned for the representation, or <code>False</code> if <code>Decimal</code> objects should be returned. Defaults to the same value as the <code>COERCE_DECIMAL_TO_STRING</code> settings key, which will be <code>True</code> unless overridden. If <code>Decimal</code> objects are returned by the serializer, then the final output format will be determined by the renderer. Note that setting <code>localize</code> will force the value to <code>True</code>.</li>
-<li><code>max_value</code> Validate that the number provided is no greater than this value.</li>
-<li><code>min_value</code> Validate that the number provided is no less than this value.</li>
+<li><code>max_value</code> Validate that the number provided is no greater than this value. Should be an integer or <code>Decimal</code> object.</li>
+<li><code>min_value</code> Validate that the number provided is no less than this value. Should be an integer or <code>Decimal</code> object.</li>
 <li><code>localize</code> Set to <code>True</code> to enable localization of input and output based on the current locale. This will also force <code>coerce_to_string</code> to <code>True</code>. Defaults to <code>False</code>. Note that data formatting is enabled if you have set <code>USE_L10N=True</code> in your settings file.</li>
 <li><code>rounding</code> Sets the rounding mode used when quantizing to the configured precision. Valid values are <a href="https://docs.python.org/3/library/decimal.html#rounding-modes"><code>decimal</code> module rounding modes</a>. Defaults to <code>None</code>.</li>
 <li><code>normalize_output</code> Will normalize the decimal value when serialized. This will strip all trailing zeroes and change the value's precision to the minimum required precision to be able to represent the value without losing data. Defaults to <code>False</code>.</li>
 
@@ -942,7 +942,7 @@ <h2 id="camelcase-json"><a class="toclink" href="#camelcase-json">CamelCase JSON
 <h2 id="pandas-csv-excel-png"><a class="toclink" href="#pandas-csv-excel-png">Pandas (CSV, Excel, PNG)</a></h2>
 <p><a href="https://github.com/wq/django-rest-pandas">Django REST Pandas</a> provides a serializer and renderers that support additional data processing and output via the <a href="https://pandas.pydata.org/">Pandas</a> DataFrame API.  Django REST Pandas includes renderers for Pandas-style CSV files, Excel workbooks (both <code>.xls</code> and <code>.xlsx</code>), and a number of <a href="https://github.com/wq/django-rest-pandas#supported-formats">other formats</a>. It is maintained by <a href="https://github.com/sheppard">S. Andrew Sheppard</a> as part of the <a href="https://github.com/wq">wq Project</a>.</p>
 <h2 id="latex"><a class="toclink" href="#latex">LaTeX</a></h2>
-<p><a href="https://github.com/mypebble/rest-framework-latex">Rest Framework Latex</a> provides a renderer that outputs PDFs using Laulatex. It is maintained by <a href="https://github.com/mypebble">Pebble (S/F Software)</a>.</p>
+<p><a href="https://github.com/mypebble/rest-framework-latex">Rest Framework Latex</a> provides a renderer that outputs PDFs using Lualatex. It is maintained by <a href="https://github.com/mypebble">Pebble (S/F Software)</a>.</p>
 
 
           </div> <!--/span-->
 
@@ -606,6 +606,20 @@ <h3 id="routing-for-extra-actions"><a class="toclink" href="#routing-for-extra-a
 <li>URL path: <code>^users/{pk}/change-password/$</code></li>
 <li>URL name: <code>'user-change_password'</code></li>
 </ul>
+<h3 id="using-django-path-with-routers"><a class="toclink" href="#using-django-path-with-routers">Using Django <code>path()</code> with routers</a></h3>
+<p>By default, the URLs created by routers use regular expressions. This behavior can be modified by setting the <code>use_regex_path</code> argument to <code>False</code> when instantiating the router, in this case <a href="https://docs.djangoproject.com/en/2.0/topics/http/urls/#path-converters">path converters</a> are used. For example:</p>
+<pre><code>router = SimpleRouter(use_regex_path=False)
+</code></pre>
+<p>The router will match lookup values containing any characters except slashes and period characters.  For a more restrictive (or lenient) lookup pattern, set the <code>lookup_value_regex</code> attribute on the viewset or <code>lookup_value_converter</code> if using path converters.  For example, you can limit the lookup to valid UUIDs:</p>
+<pre><code>class MyModelViewSet(mixins.RetrieveModelMixin, viewsets.GenericViewSet):
+    lookup_field = 'my_model_id'
+    lookup_value_regex = '[0-9a-f]{32}'
+
+class MyPathModelViewSet(mixins.RetrieveModelMixin, viewsets.GenericViewSet):
+    lookup_field = 'my_model_uuid'
+    lookup_value_converter = 'uuid'
+</code></pre>
+<p>Note that path converters will be used on all URLs registered in the router, including viewset actions.</p>
 <h1 id="api-guide"><a class="toclink" href="#api-guide">API Guide</a></h1>
 <h2 id="simplerouter"><a class="toclink" href="#simplerouter">SimpleRouter</a></h2>
 <p>This router includes routes for the standard set of <code>list</code>, <code>create</code>, <code>retrieve</code>, <code>update</code>, <code>partial_update</code> and <code>destroy</code> actions.  The viewset can also mark additional methods to be routed, using the <code>@action</code> decorator.</p>
@@ -621,24 +635,11 @@ <h2 id="simplerouter"><a class="toclink" href="#simplerouter">SimpleRouter</a></
     <tr><td>{prefix}/{lookup}/{url_path}/</td><td>GET, or as specified by `methods` argument</td><td>`@action(detail=True)` decorated method</td><td>{basename}-{url_name}</td></tr>
 </table>
 
-<p>By default the URLs created by <code>SimpleRouter</code> are appended with a trailing slash.
+<p>By default, the URLs created by <code>SimpleRouter</code> are appended with a trailing slash.
 This behavior can be modified by setting the <code>trailing_slash</code> argument to <code>False</code> when instantiating the router.  For example:</p>
 <pre><code>router = SimpleRouter(trailing_slash=False)
 </code></pre>
 <p>Trailing slashes are conventional in Django, but are not used by default in some other frameworks such as Rails.  Which style you choose to use is largely a matter of preference, although some javascript frameworks may expect a particular routing style.</p>
-<p>By default the URLs created by <code>SimpleRouter</code> use regular expressions. This behavior can be modified by setting the <code>use_regex_path</code> argument to <code>False</code> when instantiating the router, in this case <a href="https://docs.djangoproject.com/en/2.0/topics/http/urls/#path-converters">path converters</a> are used. For example:</p>
-<pre><code>router = SimpleRouter(use_regex_path=False)
-</code></pre>
-<p><strong>Note</strong>: <code>use_regex_path=False</code> only works with Django 2.x or above, since this feature was introduced in 2.0.0. See <a href="https://docs.djangoproject.com/en/2.0/releases/2.0/#simplified-url-routing-syntax">release note</a></p>
-<p>The router will match lookup values containing any characters except slashes and period characters.  For a more restrictive (or lenient) lookup pattern, set the <code>lookup_value_regex</code> attribute on the viewset or <code>lookup_value_converter</code> if using path converters.  For example, you can limit the lookup to valid UUIDs:</p>
-<pre><code>class MyModelViewSet(mixins.RetrieveModelMixin, viewsets.GenericViewSet):
-    lookup_field = 'my_model_id'
-    lookup_value_regex = '[0-9a-f]{32}'
-
-class MyPathModelViewSet(mixins.RetrieveModelMixin, viewsets.GenericViewSet):
-    lookup_field = 'my_model_uuid'
-    lookup_value_converter = 'uuid'
-</code></pre>
 <h2 id="defaultrouter"><a class="toclink" href="#defaultrouter">DefaultRouter</a></h2>
 <p>This router is similar to <code>SimpleRouter</code> as above, but additionally includes a default API root view, that returns a response containing hyperlinks to all the list views.  It also generates routes for optional <code>.json</code> style format suffixes.</p>
 <table border=1>
 
@@ -845,7 +845,7 @@ <h4 id="validators"><a class="toclink" href="#validators">Validators</a></h4>
 <p>Serializer classes can also include reusable validators that are applied to the complete set of field data. These validators are included by declaring them on an inner <code>Meta</code> class, like so:</p>
 <pre><code>class EventSerializer(serializers.Serializer):
     name = serializers.CharField()
-    room_number = serializers.IntegerField(choices=[101, 102, 103, 201])
+    room_number = serializers.ChoiceField(choices=[101, 102, 103, 201])
     date = serializers.DateField()
 
     class Meta:
 
@@ -657,27 +657,27 @@ <h2 id="date-and-time-formatting"><a class="toclink" href="#date-and-time-format
 <p><em>The following settings are used to control how date and time representations may be parsed and rendered.</em></p>
 <h4 id="datetime_format"><a class="toclink" href="#datetime_format">DATETIME_FORMAT</a></h4>
 <p>A format string that should be used by default for rendering the output of <code>DateTimeField</code> serializer fields.  If <code>None</code>, then <code>DateTimeField</code> serializer fields will return Python <code>datetime</code> objects, and the datetime encoding will be determined by the renderer.</p>
-<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> string.</p>
+<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> string.</p>
 <p>Default: <code>'iso-8601'</code></p>
 <h4 id="datetime_input_formats"><a class="toclink" href="#datetime_input_formats">DATETIME_INPUT_FORMATS</a></h4>
 <p>A list of format strings that should be used by default for parsing inputs to <code>DateTimeField</code> serializer fields.</p>
-<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> strings.</p>
+<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> strings.</p>
 <p>Default: <code>['iso-8601']</code></p>
 <h4 id="date_format"><a class="toclink" href="#date_format">DATE_FORMAT</a></h4>
 <p>A format string that should be used by default for rendering the output of <code>DateField</code> serializer fields.  If <code>None</code>, then <code>DateField</code> serializer fields will return Python <code>date</code> objects, and the date encoding will be determined by the renderer.</p>
-<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> string.</p>
+<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> string.</p>
 <p>Default: <code>'iso-8601'</code></p>
 <h4 id="date_input_formats"><a class="toclink" href="#date_input_formats">DATE_INPUT_FORMATS</a></h4>
 <p>A list of format strings that should be used by default for parsing inputs to <code>DateField</code> serializer fields.</p>
-<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> strings.</p>
+<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> strings.</p>
 <p>Default: <code>['iso-8601']</code></p>
 <h4 id="time_format"><a class="toclink" href="#time_format">TIME_FORMAT</a></h4>
 <p>A format string that should be used by default for rendering the output of <code>TimeField</code> serializer fields.  If <code>None</code>, then <code>TimeField</code> serializer fields will return Python <code>time</code> objects, and the time encoding will be determined by the renderer.</p>
-<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> string.</p>
+<p>May be any of <code>None</code>, <code>'iso-8601'</code> or a Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> string.</p>
 <p>Default: <code>'iso-8601'</code></p>
 <h4 id="time_input_formats"><a class="toclink" href="#time_input_formats">TIME_INPUT_FORMATS</a></h4>
 <p>A list of format strings that should be used by default for parsing inputs to <code>TimeField</code> serializer fields.</p>
-<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/time.html#time.strftime">strftime format</a> strings.</p>
+<p>May be a list including the string <code>'iso-8601'</code> or Python <a href="https://docs.python.org/3/library/datetime.html#strftime-and-strptime-format-codes">strftime format</a> strings.</p>
 <p>Default: <code>['iso-8601']</code></p>
 <hr />
 <h2 id="encodings"><a class="toclink" href="#encodings">Encodings</a></h2>
 
@@ -569,9 +569,12 @@ <h2 id="creating-test-requests"><a class="toclink" href="#creating-test-requests
 # Using the standard RequestFactory API to create a form POST request
 factory = APIRequestFactory()
 request = factory.post('/notes/', {'title': 'new idea'})
+
+# Using the standard RequestFactory API to encode JSON data
+request = factory.post('/notes/', {'title': 'new idea'}, content_type='application/json')
 </code></pre>
 <h4 id="using-the-format-argument"><a class="toclink" href="#using-the-format-argument">Using the <code>format</code> argument</a></h4>
-<p>Methods which create a request body, such as <code>post</code>, <code>put</code> and <code>patch</code>, include a <code>format</code> argument, which make it easy to generate requests using a content type other than multipart form data.  For example:</p>
+<p>Methods which create a request body, such as <code>post</code>, <code>put</code> and <code>patch</code>, include a <code>format</code> argument, which make it easy to generate requests using a wide set of request formats.  When using this argument, the factory will select an appropriate renderer and its configured <code>content_type</code>.  For example:</p>
 <pre><code># Create a JSON POST request
 factory = APIRequestFactory()
 request = factory.post('/notes/', {'title': 'new idea'}, format='json')
@@ -580,7 +583,7 @@ <h4 id="using-the-format-argument"><a class="toclink" href="#using-the-format-ar
 <p>To support a wider set of request formats, or change the default format, <a href="#configuration">see the configuration section</a>.</p>
 <h4 id="explicitly-encoding-the-request-body"><a class="toclink" href="#explicitly-encoding-the-request-body">Explicitly encoding the request body</a></h4>
 <p>If you need to explicitly encode the request body, you can do so by setting the <code>content_type</code> flag.  For example:</p>
-<pre><code>request = factory.post('/notes/', json.dumps({'title': 'new idea'}), content_type='application/json')
+<pre><code>request = factory.post('/notes/', yaml.dump({'title': 'new idea'}), content_type='application/yaml')
 </code></pre>
 <h4 id="put-and-patch-with-form-data"><a class="toclink" href="#put-and-patch-with-form-data">PUT and PATCH with form data</a></h4>
 <p>One difference worth noting between Django's <code>RequestFactory</code> and REST framework's <code>APIRequestFactory</code> is that multipart form data will be encoded for methods other than just <code>.post()</code>.</p>
 
@@ -543,7 +543,7 @@ <h4 id="example"><a class="toclink" href="#example">Example</a></h4>
 CustomerReportSerializer():
     id = IntegerField(label='ID', read_only=True)
     time_raised = DateTimeField(read_only=True)
-    reference = CharField(max_length=20, validators=[&lt;UniqueValidator(queryset=CustomerReportRecord.objects.all())&gt;])
+    reference = CharField(max_length=20, validators=[UniqueValidator(queryset=CustomerReportRecord.objects.all())])
     description = CharField(style={'type': 'textarea'})
 </code></pre>
 <p>The interesting bit here is the <code>reference</code> field. We can see that the uniqueness constraint is being explicitly enforced by a validator on the serializer field.</p>