A comprehensive Django RESTful API project for managing toys and drones, including their categories, pilots, and competitions. This project demonstrates advanced Django REST Framework features, custom permissions, filtering, pagination, and API versioning.
- RESTful API endpoints for managing toys, drones, drone categories, pilots, and competitions
- CRUD operations for all main entities with proper HTTP methods
- Modular Django app structure (
toys,drones) - Django REST Framework for serialization and API views
- PostgreSQL as the database backend
- Custom pagination with upper bound limit
- Advanced filtering using Django Filter Backend
- Search and ordering functionality
- Token-based authentication for pilot endpoints
- Custom permissions for drone management
- API versioning support (v1 and v2)
- Rate limiting with configurable throttling
- CORS support for cross-origin requests
- Environment variables support for secure configuration
- Custom pagination class with maximum limit enforcement
- Custom permission classes for object-level permissions
- Advanced filtering with date ranges and numeric filters
- API versioning with namespace-based versioning
- Rate throttling with different limits for different user types
- Comprehensive test suite with pytest configuration
src/
βββ restful01/ # Main Django project settings
β βββ __init__.py
β βββ settings.py # Project configuration
β βββ urls.py # Main URL configuration
β βββ asgi.py # ASGI configuration
β βββ wsgi.py # WSGI configuration
βββ toys/ # Toys app
β βββ __init__.py
β βββ admin.py # Django admin configuration
β βββ apps.py # App configuration
β βββ models.py # Toy model
β βββ serializers.py # Toy serializers
β βββ views.py # Toy views
β βββ urls.py # Toy URL patterns
β βββ tests.py # Toy tests
β βββ migrations/ # Database migrations
βββ drones/ # Drones app (main app)
β βββ __init__.py
β βββ admin.py # Django admin configuration
β βββ apps.py # App configuration
β βββ models.py # Drone-related models
β βββ serializers.py # Drone serializers
β βββ views.py # Drone views
β βββ urls.py # Drone URL patterns
β βββ tests.py # Drone tests
β βββ custompagination.py # Custom pagination class
β βββ custompermission.py # Custom permission classes
β βββ filters.py # Custom filters
β βββ migrations/ # Database migrations
β βββ v2/ # API version 2
β βββ urls.py # V2 URL patterns
β βββ views.py # V2 views
βββ manage.py # Django management script
βββ requirements.txt # Project dependencies
βββ pytest.ini # Pytest configuration
βββ db.sqlite3 # SQLite database (development)
βββ README.md # This file
GET /toys/- List all toysPOST /toys/- Create a new toyGET /toys/<id>/- Retrieve a specific toyPUT /toys/<id>/- Update a toyDELETE /toys/<id>/- Delete a toy
-
GET /drone-categories/- List all drone categories -
POST /drone-categories/- Create a new drone category -
GET /drone-categories/<id>/- Retrieve, update, or delete a drone category -
PUT /drone-categories/<id>/- Update a drone category -
DELETE /drone-categories/<id>/- Delete a drone category -
GET /drones/- List all drones -
POST /drones/- Create a new drone -
GET /drones/<id>/- Retrieve, update, or delete a drone -
PUT /drones/<id>/- Update a drone -
DELETE /drones/<id>/- Delete a drone -
GET /pilots/- List all pilots (requires authentication) -
POST /pilots/- Create a new pilot (requires authentication) -
GET /pilots/<id>/- Retrieve, update, or delete a pilot (requires authentication) -
PUT /pilots/<id>/- Update a pilot (requires authentication) -
DELETE /pilots/<id>/- Delete a pilot (requires authentication) -
GET /competitions/- List all competitions -
POST /competitions/- Create a new competition -
GET /competitions/<id>/- Retrieve, update, or delete a competition -
PUT /competitions/<id>/- Update a competition -
DELETE /competitions/<id>/- Delete a competition -
GET /- API root with links to all endpoints
GET /v2/vehicle-categories/- List all drone categories (v2 naming)GET /v2/vehicles/- List all drones (v2 naming)GET /v2/pilots/- List all pilots (v2)GET /v2/competitions/- List all competitions (v2)
class LimitOffsetPaginationWithUpperBound(LimitOffsetPagination):
max_limit = 8- Default page size: 4 items
- Maximum limit: 8 items per request
- Prevents excessive data retrieval
- Only drone owners can update/delete their drones
- Read access for all users
- Applied to drone endpoints
- Date range filtering for competitions
- Distance range filtering
- Filter by drone and pilot names
- Python 3.x
- PostgreSQL
- pip (Python package manager)
git clone <https://github.com/m7md158/Restapibook.git>
cd src# Windows
python -m venv venv
venv\Scripts\activate
# macOS/Linux
python -m venv venv
source venv/bin/activatepip install -r requirements.txt- Ensure PostgreSQL is running
- Create a database named
drones - Update database credentials in
restful01/settings.pyif needed
python manage.py migratepython manage.py createsuperuserpython manage.py runserver- API Root:
http://localhost:8000/ - Toys API:
http://localhost:8000/toys/ - Drones API:
http://localhost:8000/drone-categories/ - Admin Interface:
http://localhost:8000/admin/ - API Authentication:
http://localhost:8000/api-auth/
- Django 5.2.2 - Web framework
- djangorestframework 3.16.0 - REST API framework
- psycopg2-binary 2.9.10 - PostgreSQL adapter
- django-filter 25.1 - Advanced filtering
- pytest 8.4.1 - Testing framework
- pytest-django 4.11.1 - Django test integration
- httpie 3.2.4 - HTTP client for testing
- requests 2.32.4 - HTTP library
- rich 14.0.0 - Terminal formatting
# Run all tests
pytest
# Run tests with verbose output
pytest -v
# Run tests for specific app
pytest toys/
pytest drones/
# Run tests with coverage
pytest --cov=.- Pytest configuration in
pytest.ini - Django settings module configured
- Test file patterns:
tests.py,test_*.py,*_tests.py
- Token Authentication for pilot endpoints
- Session Authentication for admin interface
- Basic Authentication for API access
- Custom object-level permissions for drone management
- User ownership validation for drone operations
- Read-only access for non-owners
- Anonymous users: 300 requests/hour
- Authenticated users: 100 requests/hour
- Drone endpoints: 200 requests/hour
- Pilot endpoints: 150 requests/hour
- Standard endpoint naming
- Full CRUD operations
- All features enabled
- Alternative endpoint naming (
vehiclesinstead ofdrones) - Same functionality as v1
- Can be enabled by uncommenting v2 URLs in
restful01/urls.py
curl "http://localhost:8000/competitions/?min_distance_in_feet=100&max_distance_in_feet=500"curl "http://localhost:8000/drones/?limit=4&offset=8"- Field Name Typo: The
Dronemodel usesonwerinstead ofowner- this is intentional in the current codebase - V2 API Disabled: Version 2 endpoints are commented out in the main URL configuration
- SQLite Database: The project includes
db.sqlite3but is configured for PostgreSQL
- Follows Django best practices
- Uses Django REST Framework conventions
- Implements proper model relationships
- Includes comprehensive serializers
- Custom pagination prevents large data sets
- Database indexing on frequently queried fields
- Efficient filtering with Django Filter Backend
- Modular app structure allows easy extension
- API versioning support for backward compatibility
- Configurable rate limiting
- Environment-based configuration
- Django Documentation
- Django REST Framework Documentation
- PostgreSQL Documentation
- Pytest Documentation
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests for new functionality
- Run the test suite
- Submit a pull request
This project is for educational purposes and demonstrates Django REST Framework best practices.
Note: This project is configured for development. For production deployment, ensure to:
- Set
DEBUG=False - Update
ALLOWED_HOSTS - Use a strong, unique
SECRET_KEY - Configure proper database credentials
- Set up HTTPS
- Configure proper logging
- Set up monitoring and error tracking