Installation and Setup

DRF's installation is pretty straightforward. 0:00 The first thing you'll need to do is install django rest frameware package 0:03 using PIP. 0:07 So I'm gonna quit my server here that I had running and 0:08 I will do Pip install djangorestframework all as one big long word. 0:13 Now on workspaces I already have those installed, 0:20 you of course will need to install it at home. 0:23 So once that finishes, I'm gonna hop over here to my settings.py and 0:25 I need to add this into my installed apps, as you pretty much always need to do. 0:31 So I'm gonna put it in here before courses, 0:38 which is the app that I've started you all with. 0:41 And just because I like to have django stuff and 0:45 then third party packages and then my own stuff. 0:49 I think I've talked about that before. 0:52 While we're here in the settings file, you can go ahead and 0:54 add the global authentication and 0:57 permissions rules that Django rest framework will use for the API. 0:59 I'm gonna do all of this together way down here at the bottom so 1:03 it's all just in one place, and keeping kind of with Django's thing here, 1:07 I'm just gonna do REST Framework, that way I can just kind of search for stuff. 1:11 So all of DRF's settings go into a dictionary that's named REST_FRAMEWORK. 1:17 And this is kind of nice because it makes it fairly easy to find it, 1:24 you just find something with that name, right. 1:26 So let's add in these keys, the first key we're going to add in is 1:29 DEFAULT_AUTHENTICATION_CLASSES and 1:32 this key defines what the, as you can probably guess, 1:40 the default authentication classes are. 1:44 So these are the default ways that rest framework will use to authenticate a user. 1:46 The first item in the tuple here for this one is gonna be 1:52 rest_framework.authentication.SessionAuth- entication. 1:55 And so that just makes it use Django's standard session authentication. 2:02 Notice that this is a tuple. 2:06 So you'll need to make sure and include a comma since there's only one item. 2:08 Otherwise it won't show up as a tuple as far as Python is concerned. 2:11 So that's authentication figuring out who someone is. 2:16 The next thing to set up by default is permissions. 2:19 So this key is going to be the DEFAULT_PERMISSION_CLASSES and 2:22 it's also going to be a tuple and it's going to be rest-framework 2:29 .permissions.isauthenticatedforreadonly and 2:36 again couple single item has to have a comma. 2:42 So authentication is how we identify a user, it's how rest framework says, okay, 2:48 this is user A, this is user B, and then permissions is how rest framework says, 2:54 okay, user A can do this, user B can do that, 2:59 user C doesn't have any of these, so don't let him do anything. 3:02 And this is AuthenticatedOrReadOnly class. 3:07 Specifies that if the user is logged in, if they're authenticated, 3:11 REST framework knows who they are, then they are allowed to do stuff. 3:15 They can create records, edit records and delete records. 3:20 If they're not authenticated, then everything is read only. 3:24 All they can do is see data, they can't actually do anything with the data. 3:28 Straightforward enough, nothing too weird here. 3:33 These will get changed later on but for now these are really good defaults. 3:37 All right, so you're now done with the settings file, you can those that, 3:40 get rid of that, you'll come back to it later, but you need to set up some URLs so 3:45 that you can actually authenticate yourself with Django rest framework. 3:50 So what we're gonna do is here in url.py in this url patterns, 3:55 I'm gonna add a new rule and it's going to start with api-auth and 4:01 then I'm going to include rest_framework .urls, 4:08 and I'm gonna give it a namespace of rest_framework. 4:13 Am I over my 80, I am, darn. 4:18 All right, there we go. 4:23 So, this gives me a place to go and log in. 4:25 So with this last step completed, I'm gonna go ahead and launch the server. 4:28 And there it is and I'm gonna come over here to my 4:33 browser that already have open on the preview server and 4:38 I'm gonna go to api-auth/login. 4:44 Oops! 4:48 I forgot to import include. 4:51 All right, let's import that. 4:54 I should restart and refresh. 4:56 Cool, there we go. 5:00 All right so I already have a user set up. 5:00 So, I'm gonna go ahead and log in with that user. 5:03 The user name is kennethlove and the password is test password. 5:05 Now if you want to create your own super user you will have to use the create super 5:11 user manage dot pi command and then put in whatever username and password you want. 5:16 As you can see, we now get this error because accounts profile doesn't exist. 5:23 That's cool, the API now knows that we're authenticated. 5:26 It just can't redirect me to this default page because 5:29 that default page doesn't exist. 5:32 I did not create that route. 5:34 If you'd like to create that route, go ahead, but you really don't have to. 5:35