python - tutorial - django vs django rest framework
Using django-rest-interface (6)
I have a django application that I'd like to add some rest interfaces to. I've seen http://code.google.com/p/django-rest-interface/ but it seems to be pretty simplistic. For instance it doesn't seem to have a way of enforcing security. How would I go about limiting what people can view and manipulate through the rest interface? Normally I'd put this kind of logic in my views. Is this the right place or should I be moving some more logic down into the model? Alternatively is there a better library out there or do I need to roll my own?
It's quite trivial to roll your own. Each REST URI maps to a view function. Each REST method (GET, POST, PUT, DELETE) is a simple condition in the view function.
And since this question still rated pretty highly in my searches on Google, I'll add this alternative to the mix: http://django-rest-framework.org/
My initial impression is that it does a very good job of embodying the RESTful API design principles described here: http://readthedocs.org/docs/restful-api-design/en/latest/
I think you should just create an application that connects to the webserver. There is a good answer to getting RESTful API calls into your django application. This means you'd basically just be creating a new front-end for your server.
It doesn't make sense to rewrite the entire django application as a desktop application. I mean, where do you want to store the data?
I would look into using django-piston http://bitbucket.org/jespern/django-piston/wiki/Home application if security is your main concern.
I have used django-rest-interface in the past, its reliable and though simple can be quite powerful, however django-piston seems more flexible going forward.
Well, from the look of things, there's an
authentication parameter to
Collection. (see this example: authentication.py)
Second, (even if Django doesn't have it yet,) there should probably be a middleware that does CSRF/XSRF form checking. (Oh, there seems to be one.) You should also be able to use the
permission_required decorators in the urls.py.
Framework for Implementing REST web service in Django
NOTE: Since this post was written,
django-pistonis no longer actively maintained. As others have mentioned, look into
Indeed, you can roll your own, but there's a lot of boilerplate involved.
django-piston is an exceptionally easy to use, and extensible, micro-framework. In addition to mocking up all the necessary views and url patterns, it supports directly mapping models to a REST interface, which is nice if you have a simple use case. I'd suggest looking into it.