Authentication is the mechanism of identifying/verifies a user during an incoming request.
Authentication gives us some advanced behavior like:
* Restriction on create, update or delete
* Unauthenticated requests should have read-only access.
* Adding throttling policies
The token authentication works by exchanging username and password for a token that will be used
in all subsequent requests so to identify the user on the server side.
Token authentication is suitable for client-server applications, where the token is safely stored.
You should never expose your token, as it would be (sort of) equivalent of a handing out your username and password.
contains or icontains for exact matches.Q object can be used as well to add AND (&) or OR (|) logical operators.from django.db.models import Q
ProductDetail.objects.filter(Q(name__icontains=query))
Quote.objects.filter(Q(name__icontains=query) | Q(quote__icontains=query))
django.contrib.postgres must be in your INSTALLED_APPS.INSTALLED_APPS += ['django.contrib.postgres']
ProductDetail.objects.filter(name__search=query)
Entry.objects.annotate(search=SearchVector('body_text') + SearchVector('blog__tagline')).filter(search=query)
Quote.objects.annotate(search=SearchVector("name", "quote")).filter(search=query)
SearchQuery translates the terms the user provides into a search query object that the database compares to a search vector. By default, all the words the user provides are passed through the stemming algorithms, and then it looks for matches for all of the resulting terms.
[Read More]CORS is a security mechanism enforced by web browsers to restrict cross-origin HTTP requests.
CORS is a mechanism implemented by browsers that block websites to request data from some other URL.
When a browser makes a request, it adds an origin header to the request message.
If it goes to the server of the exact origin, it is allowed by the browser; if it does not, the browser blocks it.
gets error like Cross-Origin Request Blocked
Print statement generally does not work in production so, to get message we use logger
Python's built-in logging module to leverage system logging.
DEBUG: 10 --> Low-level system information
INFO: 20 --> General system information
WARNING: 30 --> Minor problems related information
ERROR/EXCEPTION: 40 --> Major problems related information
CRITICAL: 50 --> Critical problems related information
dblogger.debug("Test Debug")
dblogger.info("Test Info")
dblogger.warning("Test Warning")
dblogger.warn("Test Warn") # Depricated
dblogger.error("Test Error")
dblogger.exception("Test Exception")
dblogger.critical("Test Critical")
Handlers basically determine what happens to each message in a logger eg: write to a file or console.
[Read More]API rate limiting is a technique used to control the number of requests a user or client can make to an API within a specific time frame. In Django, you can implement rate limiting using third-party libraries like Django REST Frameworkโs (DRF) throttling or by integrating specialized libraries like django-ratelimit.
DRF provides built-in throttling classes to enforce rate limits.
Period should be one of: (โsโ, โsecโ, โmโ, โminโ, โhโ, โhourโ, โdโ, โdayโ)
[Read More]
Share
Share
Share
Tweet
Share
Share
