example - django rest framework vs django




Framework for Implementing REST web service in Django (6)

NOTE: Since this post was written, django-piston is no longer actively maintained. As others have mentioned, look into tastypie or django-rest-framework.

Indeed, you can roll your own, but there's a lot of boilerplate involved.

django-piston is an exceptionally easy to use, and extensible, micro-framework. In addition to mocking up all the necessary views and url patterns, it supports directly mapping models to a REST interface, which is nice if you have a simple use case. I'd suggest looking into it.

I'm looking to implement a RESTful interface for a Django application. It is primarily a data-service application - the interface will be (at this point) read-only.

The question is which Django toolsets / frameworks make the most sense for this task.

I see Django-rest and Django-piston. There's also the option of rolling my own.

The question was asked here, but a good two years back. I'd like to know what the current state of play is.

In this question, circa 2008, the strong majority vote was to not use any framework at all - just create Django views that reply with e.g. JSON. (The question was also addressed, crica 2008, here.)

In the current landscape, what makes the most sense?


Using django-rest-interface

Still true.

It's quite trivial to roll your own. Each REST URI maps to a view function. Each REST method (GET, POST, PUT, DELETE) is a simple condition in the view function.

Done.



Even with the Authentication parameter, you don't have fine-grained control over what people can do. The current implementation of the Django-REST interface doesn't track the user information, so you don't have this information available for doing fine-grained authorization checks.

See Issue #32.

However, it's relatively easy to extend it to add some features. I use a lot of subclasses to add features.

Updating the request with login information, however, is tricky in Django. Rather than do that, I leave the information in the Collection.

Right now, I'd estimate that between patches and subclasses, what I've written is about as big as rolling my own RESTful view functions.

Django-REST, however, gracefully and neatly handles HTTP Digest Authentication. I don't look forward to replacing theirs with some kind of decorator for my Django view functions.

[Maybe we should open a source forge project and work out a clean replacement?]


Well, from the look of things, there's an authentication parameter to Collection. (see this example: authentication.py)

Second, (even if Django doesn't have it yet,) there should probably be a middleware that does CSRF/XSRF form checking. (Oh, there seems to be one.) You should also be able to use the login_required and permission_required decorators in the urls.py.


Adding REST to Django

I'm thinking of falling back to simply writing view functions in Django that return JSON results.

  • Explicit
  • Portable to other frameworks
  • Doesn't require patching Django