/edx-drf-extensions

edX extensions for Django REST Framework

Primary LanguagePythonApache License 2.0Apache-2.0

edX Django REST Framework Extensions CI Codecov

This library includes various cross-cutting concerns related to APIs. API functionality added to this library must be required for multiple Open edX applications or multiple repositories.

Some of these concerns include extensions of Django REST Framework (DRF), which is how the repository initially got its name.

Publishing a Release

After a PR merges, a new version of the package will automatically be released by Travis when the commit is tagged. Use:

git tag -a X.Y.Z -m "Releasing version X.Y.Z"
git push origin X.Y.Z

Do not create a Github Release, or ensure its message points to the CHANGELOG.rst and ADR 0001-use-changelog.rst.

JWT Authentication and REST API Endpoints

JWT Authentication is the preferred method of authentication for Open edX API endpoints. See JWT Authentication README for more details.

CSRF API

One feature of this library is a csrf app containing an API endpoint for retrieving CSRF tokens from the Django service in which it is installed. This is useful for frontend apps attempting to make POST, PUT, and DELETE requests to a Django service with Django's CSRF middleware enabled.

To make use of this API endpoint:

  1. Install edx-drf-extensions in your Django project.
  2. Add csrf.apps.CsrfAppConfig to INSTALLED_APPS.
  3. Add 'edx_rest_framework_extensions.auth.jwt.middleware.JwtAuthCookieMiddleware' to MIDDLEWARE.
  4. Add csrf.urls to urls.py.

License

The code in this repository is licensed under Apache 2.0 unless otherwise noted.

Please see LICENSE.txt for details.

How To Contribute

Contributions are very welcome.

Please read How To Contribute for details.

Reporting Security Issues

Please do not report security issues in public. Please email security@edx.org.