python - tutorial - django vs django rest framework

Using django-rest-interface (6)

I have a django application that I'd like to add some rest interfaces to. I've seen but it seems to be pretty simplistic. For instance it doesn't seem to have a way of enforcing security. How would I go about limiting what people can view and manipulate through the rest interface? Normally I'd put this kind of logic in my views. Is this the right place or should I be moving some more logic down into the model? Alternatively is there a better library out there or do I need to roll my own?

Using django-rest-interface

Still true.

It's quite trivial to roll your own. Each REST URI maps to a view function. Each REST method (GET, POST, PUT, DELETE) is a simple condition in the view function.


I think you should just create an application that connects to the webserver. There is a good answer to getting RESTful API calls into your django application. This means you'd basically just be creating a new front-end for your server.

Using django-rest-interface

It doesn't make sense to rewrite the entire django application as a desktop application. I mean, where do you want to store the data?

I would look into using django-piston application if security is your main concern.

I have used django-rest-interface in the past, its reliable and though simple can be quite powerful, however django-piston seems more flexible going forward.

Well, from the look of things, there's an authentication parameter to Collection. (see this example:

Second, (even if Django doesn't have it yet,) there should probably be a middleware that does CSRF/XSRF form checking. (Oh, there seems to be one.) You should also be able to use the login_required and permission_required decorators in the

Framework for Implementing REST web service in Django

NOTE: Since this post was written, django-piston is no longer actively maintained. As others have mentioned, look into tastypie or django-rest-framework.

Indeed, you can roll your own, but there's a lot of boilerplate involved.

django-piston is an exceptionally easy to use, and extensible, micro-framework. In addition to mocking up all the necessary views and url patterns, it supports directly mapping models to a REST interface, which is nice if you have a simple use case. I'd suggest looking into it.