I just want to know if django restframework allows to do that or I have to create a token model and generate token for users and authenticate them by comparing the received token all in my code.

DRF has a beautiful TokenAuthentication to implement what you wanna do but in the best way

Suppose my user want to access a web site which is blocked for him he can just do this https://app.scrapingbee.com/api/v1?api_key=YOUR_APIKEY&url=YOUR_URL And view the website in browser easily. While he cannot consume my api at all if I make it header authentication. I am trying to find a easy way for user to consume api and also track his number of api calls

Suppose my user want to access a web site which is blocked for him he can just do this https://app.scrapingbee.com/api/v1?api_key=YOUR_APIKEY&url=YOUR_URL And view the website in browser easily. While he cannot consume my api at all if I make it header authentication. I am trying to find a easy way for user to consume api and also track his number of api calls

Frontend devs can use fake data to go ahead with their job without waiting real data service to be built by backend team

I did already read drf docs before asling here and in TokenAuthentication it askes me to send header Authentication: Api-key xxxxxxxxxxx While I am asking for token in Url. I will read again itp see if I missed some part.

Can you please describe how it will be look like? At the moment we want to make as follows: In idea front makes own context in views.py and work with them in template(front can get simple data from DB by own, such as is_autherised, post_list and so on, using some filters to hide and show necessary html code in one page) And next the back just need to get more complex information and maybe make some changes in templates But the main idea is that front uses named fields from context and later backenders can understand what fields were used and for what

There are 1000's of web apps that use api key in URL. I know it's a security risk. My api is not serving any sensitive info it's there just to track number of api call each user is making. I don't understand why no one is answering how I can do that and instead suggest me better ways that I already know. I want token in url just like many other apps, only question is if there is already a way or I have to code the logics myself.

There are 1000's of web apps that use api key in URL. I know it's a security risk. My api is not serving any sensitive info it's there just to track number of api call each user is making. I don't understand why no one is answering how I can do that and instead suggest me better ways that I already know. I want token in url just like many other apps, only question is if there is already a way or I have to code the logics myself.

There are 1000's of web apps that use api key in URL. I know it's a security risk. My api is not serving any sensitive info it's there just to track number of api call each user is making. I don't understand why no one is answering how I can do that and instead suggest me better ways that I already know. I want token in url just like many other apps, only question is if there is already a way or I have to code the logics myself.

There are 1000's of web apps that use api key in URL. I know it's a security risk. My api is not serving any sensitive info it's there just to track number of api call each user is making. I don't understand why no one is answering how I can do that and instead suggest me better ways that I already know. I want token in url just like many other apps, only question is if there is already a way or I have to code the logics myself.

Theres 1000s of websites that store passwords in plain text, doesnt mean you should too

also chances are you'll have to do the logic yourself

Thanks that was the answer I was in need of

That's why nowadays frontend and backend are fully decoupled So frontend devs can work without knowing Django / python If you still are at first stage , think a bit more if there's the skills for using modern frontend frameworks

Hmm I don't quite understand you) You said front to use fake data - but what's the data? where he should take them? Will it be easy backenders to insert dynamical data from views? And what frameworks can you suggest?)

Backend team must know what data is building up so it's easy to tell frontend devs you will receive data in this format

Yes, that make the sense So we need to discuss what the data receives each template and then fronts and back work separately, right? But how frontender to make fake data? can you please give some examples?

Let's say they will use javascript fetch API ( or Ajax ) And your backend will send as response a json like { "name" : "A real name" } They can use a fake json like { "name" : "Foo" } And keep working on UI/UX

I think I got it, thank you!!)

I think I got it, thank you!!)

Hi! I have django + drf on backend and react on frontend. The architecture of the app implies that we serve frontend and backend as two independent entities. For authentication we chose to use session basaed authentication. I have a couple of questions regarding login+logout process and csrf. DRF docs mention that for logging in we must use default django login view (because of security concerns). I though that we could redirect all login requests to django(via webserver like nginx or caddy) and then redirect back to frontend. Is it a fine solution, or maybe react can make POST requests to some simple api endpoint where we would manualy authenticate and login users. Also, http methods such as POST,PUT,PATCH require csrf token. Do we need another endpoint for obtaining csrf tokens, or can we simply set csrf in login view and that would be enough? Thanks in advance)

I think I got it, thank you!!)

What is the best model field for storing comments

https://docs.djangoproject.com/en/3.0/ref/models/querysets/#django.db.models.query.QuerySet.distinct

its shows error - DISTINCT ON fields is not supported by this database backend

i have too much data with same value in database and i want to show only one time that who have a exact same value so how i do that like same name shows only one time when i retrieve data

A python question, suppose I have list a = [1,2,3] and a var = 5, I want to keep looping over the list 5 times and get 2, what's the most pythonic way to achive this.

Here is one: import operator a = [1, 2, 3] var = 5 for i in range(var): two=operator.itemgetter(1)(a) print(two)

What database are you using?

its shows error - DISTINCT ON fields is not supported by this database backend

https://stackoverflow.com/questions/54249017/distinct-on-fields-is-not-supported-by-this-database-backend

So i have to use postgresql for using of distinct

So i have to use postgresql for using of distinct

or use python after the distinct query value

Not exactly

How ?

It should return 3 for 6 like a circular list but it's returning 2.

Then what ?

Please help i dont have time to make the code tomorrow is my submission day.

Reverse for 'post-delete' with arguments '('',)' not found. 1 pattern(s) tried: ['post\\/(?P<pk>[0-9]+)\\/delete\\/$']