This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Recommendations of Python REST (web services) framework?
I'm looking for a RESTful Python (preferably Python 3) web framework. It should have the following things:
configurable URLs
URL generation
support for file uploads
authentication (http basic auth, cookie based)
content-negotiation
based on WSGI
ability to answer requests with HTTP verbs not supported by the requested resource correctly (example: if someone sends PUT but the resource only supports POST and GET, the application should answer with the allowed methods POST and GET)
support for caching headers
transform/render results
What would you recommend?
pyramid 1.3 has python 3.2 support
http://www.pylonsproject.org/projects/pyramid/about
docs: http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/
requests: http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/narr/webob.html#request
view config decorator: http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/narr/viewconfig.html
gives the ability to write specific views for each request method to the same route e.g.
#view_config(route_name='wiki', renderer='base.pt', request_method='POST')
def view(request):
return {'a': None}
#view_config(route_name='wiki', renderer='base.pt', request_method='PUT')
def view(request):
return {'a': None}
you should glance at this link, Recommendations of Python REST (web services) framework?
in this link #martin has gave really good example for developing your own rest-api. i dont know any RESTful framework which meets your all needs but you can develop your own.
and you can check Flask and Bottle. they are fast, simple and lightweight WSGI micro web-framework for Python...
It sounds like you have a good bit of experience with HTTP. You should check out CherryPy, which is much more of an HTTP framework than a web framework. That point of view allows you to leverage HTTP in ways that the other frameworks generally try to hide from you. CherryPy can do all of the things you requested: flexible configuration is one of its selling points, and it ships with tools for caching, the Allow header, auth, and negotiation. Version 3.2 abandoned the restrictive cgi module for processing uploads and now supports upload temp files, streaming, and automatic pre-processing based on media type.
The non-blocking webserver and framework Tornado looks promising. It's a bit like web.py with an event driven model like the JavaScript framework node.js (but with a more convenient language). But I have not tested it yet.
Related
I'm now writing my engineering thesis about REST and REST APIs, mostly focusing on Django REST framework as it was the framework we used in our engineering project. I just finished writing about the guidelines for API to be RESTful stated by Roy Fielding and I wanted to start section with implementations of REST architecture in Django REST Framework, but then I realized I don't really know why this framework is RESTful. I know what main paradigms are for API to be RESTful, but I don't know what specific parts of framwork inplements for example that our service is stateless or layered. Maybe someone can pinpoint what parts of django rest framework corresponds to specified guidelines for service to be RESTful ? If It's wrong site to ask this type of question then I'm sorry, but any help would be greatly appreciated.
Let's go through the points that make API a RESTful one
1. Client-server architecture
The very essence of the fact that you are developing a backend server, which is not part of your application UI is the point of this client-server architecture.
Every app you develop with Django Rest Framework (from now on DRF) is a backend API, which is separated from the client.
2. Statelessness
I cannot pin point the exact code line that shows why DRF is statelessness but its somewhere deep between Django and the WSGI/ASGI interface.
Somewhere in there you have some kind of code like this:
while True:
request = io.listen_for_request()
response = handle_request(request)
return response
This "very pseudo" code is stateless! why? because we don't save or rely on any information between requests
3. Cacheability
This one is fairly simple, Django and DRF support caching link
4. Layered system
This concept is kinda hard to correlate directly to DRF or Django. This is mainly done through the HTTP protocol.
5. Code on demand (optional)
Servers can temporarily extend or customize the functionality of a client by transferring executable code: for example, compiled components such as Java applets, or client-side scripts such as JavaScript.
Basically Django Templates. It allows you to send forms and pages as part of your endpoints.
6. Uniform Interface
Last but not least, the famous uniform interface. DRF helps you build your REST API interface by creating endpoints with the help of Generic views. Those generic views help you create a full CRUD (create, read...) endpoint on a Django model with little to no effort. The created endpoint follows the Rest API interface of url structure for a resource.
As the basic framework core:
Request Lifecycle REST
Routing
Requests & Input
Views & Responses
Controllers
Errors & Logging
And these features would make our dev easy and fast:
Authentication
Cache
Core Extension
Events
Facades
Forms & HTML
IoC Container
Mail
Pagination
Queues
Security
Session
SSH
Templates
Unit Testing
Validation
And really good support for MongoDB.
Is there any such framework?
There is a fork of Django that supports non relational databases. For my own projects I prefer to use a hybrid: standard (relational) Django, with MongoEngine for entities I want to store in MongoDB. The syntax is almost identical to django.db models.
I'm kinda confused by the desire of a "REST lifecycle" combined with features like "Session", "Input", etc.
For a general purpose Web/API application you might want to check out on Flask and Flask-PyMongo. Could be a good match for your use case.
If you're looking into building a RESTful Web Service, then the Eve REST API framework (which is powered by Flask and supports MongoDB out of the box) could be a good choice. You can then peek into the source of extensions like Eve-Docs to learn how to, eventually, integrate the webservice with HTML/static/dynamic pages (Flask style.)
Try Django.. im not sure but worth trying
I have a django project, in which i expose a few api endpoints (api endpoint = answers to get/post, returns json response, correct me if im wrong in my definition). Those endpoints are used by me on front end, like update counts or get updated content, or a myriad other things. I handle the representation logic on server side, in templates, and in some cases send a rendered to string template to the client.
So here are the questions im trying to answer:
Do i need to have some kind of authentication between the clients and the server?
Is django cross origin protection enough?
Where, in this picture, fit such packages like django-oauth-toolkit? And django-rest-framework?
if i don't add any authentication between clients and server, am i leaving my server open for attacks?
Furthermore, what goes for server-to-server connection? Both servers under my control.
I would strongly recommend using django-tastypie for server to client communication.
I have used it in numerous applications both server to server or server to client.
This allows you to apply the django security as well as some more logic regarding the authorization process.
It offers also out of the box:
throttling
serialization in json, xml, and other formats
authentication (basic, apikey, customized and other)
validation
authorization
pagination
caching
So, as an overall overview i would suggest on building on such a framework that would make your internal api more interoperable for future extensions and more secure.
To specifically now answer your question, i would never enable any server api without at least some basic authentication/authorization.
Hopefully i answer your questions on how you can deliver all of your above worries with a framework.
The django-rest-framework that you ask for, is also really advanced and easy to use, but i prefer tastypie for the reasons i explain.
I hope i helped a bit!
I was wondering how to create a django webservice (responds with XML) with websockets.
I have already a django webservice which accepts xml requests, parse those requests, makes a database query, creates a response xml and send that xml back to the requester/browser. Just a normal HTTP XML request, where the response is shown as xml within the browser.
But how would i now create a websocket django webservice? Lets say i would like to send a xml response to the requester/browser with the latest data from database whenever a new magical event occurs.
I have read a lot of posts and blogs but it was kinda all too general. Can i solve this only with django + apache or do i need something else next to django and another server only to handle websockets?
I am right now using django 1.3, Apache + wsgi but i would be ready to switch any configuration that would work.
Update:
There are many possible websockets out there,
http://pypi.python.org/pypi?:action=search&term=websocket&submit=search
but which one could be used in my case?
Sorry but django handles async requests very very poorly as it is wsgi. You'll be limited by your number of parallel instance if you have to handle real users. The best solution is to use tornado or node.js.
Tornado handles websocket and long polling brilliantly. Here is my wrapper to allow getting user and sessions from a parallel tornado thread:
https://gist.github.com/1939836
It's adapted from a more complex source, I didn't tested this gist, it's long polling but tornado handlse WebSocket as well.
http://www.tornadoweb.org/documentation/websocket.html
update:
Avoid django-websocket for production use. Even the main developer recommends against it.
I recommend Tornado because it's an awesome technology which is damningly faster/lighter than django. It may be useful for some simple cases. You'll need to configure apache/nginx anyway so, at least get "faster web pages" feature available.
Django-Desktop-Notification focuses on chrome browser and require node.js.
update (01/2016):
Mozilla gave money to django in late 2015 to solve this particular issue, the current most promizing implementation made by a django core dev is this one:
https://github.com/andrewgodwin/channels
It will probably be part of django 1.11 or 2.0
Although it's a bit complicated to setup (but probably the way to go), you could use gunicorn + gevent + socket.io .
I used this article to guide my way through it.
You might also look at server sent events (the article mentioned above looks at that too). If they suit your needs, it would be a bit easier to set up - since you don't have to set up socket.io and you don't need a client library. One catch though - SSE are not supported in IE.
Yeah, django is not all that great when it comes to asynchronous stuffs. My advice for you would be to use twisted as it has a lot of websocket libraries. If you really need to use django..you can make django act just as a pass through, for all the api stuff you build using twisted.
I am currently working on a project to create simple file uploader site that will update the user of the progress of an upload.
I've been attempting this in pure python (with CGI) on the server side but to get the progress of the file I obviously need send requests to the server continually. I was looking to use AJAX to do this but I was wondering how hard it would be to, instead of changing to some other framerwork (web.py for instance), just write my own web server for receiving the XML HTTP Requests?
My main problem is that sending the request is done from HTML and Javascript so it all seems like magic trickery at the moment.
Can anyone advise me as to the best way to go about receiving these requests on the server?
EDIT: It seems that a framework would be the way to go. Would web.py be a good route to take?
I would recommend to use a microframework like Sinatra for Ruby. There seem to be some equivalents for Python. What python equivalent of Sinatra would you recommend?
Such a framework allows you to simply map a single method to a route.
Writing a very basic HTTP server won't be very hard (see http://docs.python.org/library/simplehttpserver.html for an example), but you will be missing many features that are provided by real servers and web frameworks.
For your project, I suggest you pick one of the many Python web frameworks and run your application behind Apache/mod_wsgi.
There's absolutely no need to write your own web server. Plenty of options exist, including lightweight ones like nginx.
You should use one of those, and either your own custom WSGI code to receive the request, or (better) one of the microframeworks like Flask or Bottle.