Usage for filtering

[bodgerbarnett]

I am developing a REST API with DRF for an events site which serves multiple domains. So there's a bunch of events that are particular to SiteA and a load more that are tied to SiteB.

Initially, I was planning to leave the API totally open (for reading) and allow filtering based on the site (something like /events/?site=sitea.com/) but then it occurred to me that anyone can then access every single event in my system which I don't really want.

I'm writing a frontend for it using Nuxt and I wondered about using this library to allow the event filtering. The idea would be that each Site would have it's own API_KEY and the Nuxt frontend would send this along with the HTTP requests to obtain the events. That API_KEY would then be tied to a particular Site in the database and that could be used to only return the appropriate events.

Before I go off down this road, is that a valid usage of this library? It sounds like it is but I just wanted to check that this all makes sense as I'm fairly new to DRF and this sort of thing.

Thanks in advance!