A simple API built with Django Rest Framework, using token-based authentication.
It provides CRUD operations on user objects in the database.
- POST /api-token-auth/
  - Create user authentication token;
  - Data: `{ 'username': str, 'password': str }` - both fields are required;
  - Response: `{ 'token': str }`, status code 200.
- GET /api/users/
  - List all users in database. Allowed to any user;
  - Response: `[ { 'id': int, 'username': str, 'first_name': str, 'last_name': str, 'is_active': bool, 'last_login': str, 'is_superuser': bool }, ]`, status code 200.
- POST /api/users/
  - Create a new user. Allowed to any user;
  - Data: `{ 'username': str, 'first_name': str, 'last_name': str, 'password': str, 'is_active': bool }` - username, password and is_active fields are required;
  - Response: `{ 'id': int, 'username': str, 'first_name': str, 'last_name': str, 'is_active': bool, 'last_login': str, 'is_superuser': bool }`, status code 201.
- GET /api/users/{id}/
  - Retrieve user object. Allowed to any user;
  - Id: unique integer value identifying user;
  - Response: `{ 'id': int, 'username': str, 'first_name': str, 'last_name': str, 'is_active': bool, 'last_login': str, 'is_superuser': bool }`, status code 200.
- PUT /api/users/{id}/
  - Update user object. Requires authentication. Allowed to account owner or admin user;
  - Id: unique integer value identifying user;
  - Data: `{ 'username': str, 'first_name': str, 'last_name': str, 'password': str, 'is_active': bool }` - username, password and is_active fields are required;
  - Response: `{ 'id': int, 'username': str, 'first_name': str, 'last_name': str, 'is_active': bool, 'last_login': str, 'is_superuser': bool }`, status code 200.
- PATCH /api/users/{id}/
  - Partially update user object. Requires authentication. Allowed to account owner or admin user;
  - Id: unique integer value identifying user;
  - Data: `{ 'username': str, 'first_name': str, 'last_name': str, 'password': str, 'is_active': bool }`;
  - Response: `{ 'id': int, 'username': str, 'first_name': str, 'last_name': str, 'is_active': bool, 'last_login': str, 'is_superuser': bool }`, status code 200.
- DELETE /api/users/{id}/
  - Set user object is_active field to False. Requires authentication. Allowed to account owner or admin user;
  - Id: unique integer value identifying user;
  - Response: status code 204.

1. `git clone https://github.com/AndyAnderson91/users-rest-api.git && cd users-rest-api`
2. `python3 -m venv venv`
3. `source venv/bin/activate`
4. `pip install -r requirements.txt`
5. `python manage.py collectstatic`
6. `python manage.py migrate`
7. `python manage.py createsuperuser`
8. `python manage.py runserver`
9. The local version is now available at http://localhost:8000

Tests cover the serializers.py, permissions.py and views.py modules. All tests are written with the pytest-django plugin.
To run the tests locally, use the `pytest` command in a terminal.
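
As an added example (not part of this project's code), the following stdlib-only script checks the access rules documented above for PUT, PATCH and DELETE: requests from an anonymous caller and from a non-owner token must be denied. The `Token <key>` header format and the 401/403 denial codes are assumed DRF defaults, and all function names are hypothetical.

```python
import json
import urllib.error
import urllib.request
from functools import partial

def request_json(base_url, method, path, token=None, body=None):
    """Send one JSON request; return (status, parsed JSON body or None)."""
    headers = {"Content-Type": "application/json"}
    if token:
        # Assumption: DRF's default TokenAuthentication scheme, "Token <key>".
        headers["Authorization"] = f"Token {token}"
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(base_url.rstrip("/") + path, data=data,
                                 headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            status, raw = resp.status, resp.read()
    except urllib.error.HTTPError as err:
        status, raw = err.code, err.read()
    try:
        return status, json.loads(raw)
    except ValueError:
        return status, None  # empty (204) or non-JSON body

def obtain_token(send, username, password):
    """POST /api-token-auth/ and return the token from {'token': str}."""
    status, payload = send("POST", "/api-token-auth/",
                           body={"username": username, "password": password})
    if status != 200 or not isinstance(payload, dict) or "token" not in payload:
        raise RuntimeError(f"token request failed with status {status}")
    return payload["token"]

def audit_write_access(send, user_id, other_token):
    """Return (method, caller, status) for every write that was NOT denied."""
    path = f"/api/users/{user_id}/"
    findings = []
    for method in ("PUT", "PATCH", "DELETE"):
        # Empty body: a wrongly authorized PUT/PATCH then changes nothing.
        body = None if method == "DELETE" else {}
        for caller, token in (("anonymous", None), ("non-owner", other_token)):
            status, _ = send(method, path, token, body)
            if status not in (401, 403):  # assumption: DRF's denial codes
                findings.append((method, caller, status))
    return findings

def local_sender(base_url="http://localhost:8000"):
    """Bind request_json to the local instance from the install steps."""
    return partial(request_json, base_url)
```

Run it only against the local instance with throwaway accounts, passing `local_sender()` as `send`, because a DELETE that is wrongly allowed deactivates the target user. An empty list from `audit_write_access` means every unauthenticated and non-owner write was rejected.
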
Credentials for the Heroku version:
- username: admin
- password: mypass123