edX Django REST Framework Extensions
This library includes various cross-cutting concerns related to APIs. API functionality added to this library must be required for multiple Open edX applications or multiple repositories.
Some of these concerns include extensions of Django REST Framework (DRF), which is how the repository initially got its name.
Publishing a Release
After a PR merges, a new version of the package will automatically be released by Travis when the commit is tagged. Use:
git tag -a X.Y.Z -m "Releasing version X.Y.Z" git push origin X.Y.Z
Do not create a Github Release, or ensure its message points to the CHANGELOG.rst and ADR 0001-use-changelog.rst.
JWT Authentication and REST API Endpoints
JWT Authentication is the preferred method of authentication for Open edX API endpoints. See JWT Authentication README for more details.
CSRF API
One feature of this library is a csrf
app containing an API endpoint for retrieving CSRF tokens from the Django service in which it is installed. This is useful for frontend apps attempting to make POST, PUT, and DELETE requests to a Django service with Django's CSRF middleware enabled.
To make use of this API endpoint:
- Install edx-drf-extensions in your Django project.
- Add
csrf.apps.CsrfAppConfig
toINSTALLED_APPS
. - Add
'edx_rest_framework_extensions.auth.jwt.middleware.JwtAuthCookieMiddleware'
toMIDDLEWARE
. - Add
csrf.urls
to urls.py.
License
The code in this repository is licensed under Apache 2.0 unless otherwise noted.
Please see LICENSE.txt
for details.
How To Contribute
Contributions are very welcome.
Please read How To Contribute for details.
Reporting Security Issues
Please do not report security issues in public. Please email security@edx.org.