RESTful APIs With Tastypie

Presenter: Daniel Lindsley

Track: V

Description:

Providing full-featured REST APIs is an increasingly popular request. Tastypie allows you to easily implement a customizable REST API for your Python or Django applications.

How I learned to stop worrying and love JSON.

A REST framework for Django. Provides a web based API off of django.

  • Designed for extension
  • Supports both Model and non-Model data

Philosophy

  • Make good use of HTTP
    • Was written with servers in mind
  • Tries to be “of the internet” & use the REST methods/status codes properly

  • Graceful degradation - your API should be backwards compatible

  • Flexible serialization - not everybody wants JSON
    • Actually flexible everything. Customizability is a core feature
  • Data can round-trip
    • Anything you can GET, you should be able to POST/PUT
  • Reasonable defaults
    • But easy to extend
  • URIs everywhere!

HATEOAS - Hypermedia as teh engine of teh application state

  • the user shouldn’t have to know anything in advance
  • All about explore-ability
  • deep linking

What about Tastypie

  • Build ontop of Django - is a third party app and should play nicely

  • GET/POST/PUT/DELETE/PATCH

  • Any datasource (not just models)

  • designed to be extended

  • Supports a wide variety of serialization formats
    • json, xml, yaml, bplist
  • Well tested (80% coverage) and documented

The setup

pip install django-tastypie

  • once installed just add to isntalled apps and syncdb

Auth API

  • code goes in our apps, not Django

  • Don’t fork Django!!

  • make an api directory, make a resources.py in it with __init__.py

  • Set up a tastypie Resource for User

  • Next, set up URLConf importing the Resource urls

  • Pull up the url in a browser, you’re done
    • you get lists, specific users, the user schema “/schema” and get multiple users with “/multiple”
  • needs lxml, pyaml for the other formats

  • pagination by default

  • everyone has full read-only GET access

  • To exclude fields use the exclude attr on your Resource to pass a list of excluded fields

  • To add authentication, use the authentication attr

  • There is a filtering meta option as well
    • filter useing a querystring

Authorization

  • Not who you are, but can you do that
  • tastypie.authorization - in class Meta add in the authorization attr
  • tastypie.cache import SimpleCache - using the attr cache in class Meta for the Resource
  • throttling works the same as well

Extensibility

  • goal of the project was the give API developers lots of tools
  • classes make extending behavior trivial
  • composition > inheritance is the reason for the many classes in tastypie
  • hooks, hooks, hooks
  • tries to use reasonable defaults
  • serialization, authorization, authentication, pagination, caching
  • Resource has many methods, override or extend to your needs
  • Can specify what formats are available by using the serializer attr in Meta

HTML Serialization

  • can write a custom TemplateSerializer to output in HTML, override to_html()
  • to read the data back override from_html()
  • hook it up by using serializer attr in class Meta on Resource

Fields

  • maybe you don’t want to show your database schema, use fields for this
  • use ModelResource and can define fields just like a ModelForm
  • class Meta needs a queryset attr. Use exclude just like a ModelForm as well
  • you can control how data gets prepared (dehydrate) or accepted from the user (hydrate)
  • Can provide methods on your resource for non-simple things
  • dehydrate and hydrate work just like clean methods on ModelForms dehydrate_field_name - hydrate_field_name
  • ModelResource uses introspection to find the fields for you

Caching

  • caching is very simple. you should be using varnish

The talk got cut short, but was awesome. Would have like to have seen the rest of it.