# Django API Development & Deployment

## Session 4: API Development with Django REST Framework - Part 2
* Creating API views (APIView, ViewSet, GenericViewSet)
* CRUD Operations & Authentication
* Creating RESTful endpoints (GET, POST, PUT, DELETE)
* Implementing Token-based & JWT authentication
* Using Postman for API testing

In the previous session, we built our first API endpoint for the Coupon model using Django REST Framework’s APIView. We defined a serializer, created an APIView, and linked it to a URL. Now, we’ll enhance this with CRUD operations, more advanced ViewSets, and authentication mechanisms.

### API Views: ViewSet & GenericViewSet
DRF provides abstraction layers for building APIs faster:
* ViewSet:
    * Combines logic for a set of related views (e.g., GET all, GET one, POST, PUT, DELETE)
    * Automatically maps to URLs using DRF's routers
* GenericViewSet:
    * Combines ViewSet with GenericAPIView and mixins for reusable actions

Update serializers.py

Then let's add a ViewSet for Product. *views.py*

Registering ViewSets using Routers. *ecom/api/urls.py*

DRF provides automatic URL routing for ViewSets via routers.

### CRUD Operations

With ModelViewSet, all CRUD operations are automatically handled:

|Operation |HTTP Method	|URL	|Action|
|----------|-----------------------|--------------------------|-----------------------|
|Create	   |POST	|/api/products/	|Create a new product|
|Read	|GET	|/api/products/	|Retrieve a list of products|
|Read	|GET	|/api/products/<id>/	|Retrieve a single product by ID|
|Update	|PUT/PATCH	|/api/products/<id>/	|Update an existing product (full/partial)|
|Delete	|DELETE	|/api/products/<id>/	|Delete a product by ID|


Use http://localhost:8000/api/products/ to test all CRUD operations.

### A: Authentication in DRF

DRF supports several auth schemes. We'll implement:

Token Authentication

Step 1: Add to INSTALLED_APPS

Step 2: views.py

Step 3: Run migrations

**python manage.py migrate**

Step 4: Generate token for users

**python manage.py drf_create_token username**

Step 5: Add settings

GET POSTMAN

![image.png](attachment:dd12b35f-7d2e-4986-8968-75817a78f77e.png)



POST POSTMAN

![image.png](attachment:e28daf1d-a58c-4c67-af0f-024ad2681377.png)

### B. JWT (JSON Web Tokens) Authentication (Optional/Advanced)

Install required packages:

**pip install djangorestframework-simplejwt**

Update settings.py

Update myecommerce/urls.py

Step 5: Step 1: Obtain JWT Access Token
* Open Postman
* New Request
    * Method: POST
        * URL: http://127.0.0.1:8000/api/token/

    * Go to Body tab
        * Select raw → JSON
        * Example request body:
          


Step 5: Use the JWT Access Token for Authenticated Requests
* Copy the "access" token.
* Create another request, e.g., GET http://127.0.0.1:8000/api/products/
* Go to Headers tab
* Add a new header:

*Key: Authorization*

*Value: Bearer your_access_token_here*

GET POSTMAN JWT

![image.png](attachment:4e1a68c1-0c6d-42f1-a826-d2661e921119.png)

POST POSTMAN JWT

![image.png](attachment:3f71e154-0cf1-48b9-a6cc-7c292dabd15d.png)