This project will be used as the boilerplate for a custom appointments web app for a nail salon in Denver, Colorado. A React front-end is under development and can be found here.
Python 3.9.5
PostgreSQL 13
Create a .env file in the project's root directory with the following settings:
DATABASE_ENGINE=postgresql_psycopg2 # for postgres using psycopg2, or use django.db.backends.sqlite3
DATABASE_NAME=db_name
DATABASE_USER=username
DATABASE_PASSWORD=password
DATABASE_HOST=db # if local, else some ip address for Amazon RDS, or other hosted DB
DATABASE_PORT=port
DJANGO_SECURITY_KEY=django_security_key
DJANGO_ALLOWED_HOSTS=* # add a comma-separated list of IPs for more security
DJANGO_LOGLEVEL=INFO
DJANGO_DEBUG_MODE=True
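The template values above (wildcard allowed hosts, debug mode on, placeholder secrets) are development defaults. The following pre-deployment check is an added example, not part of this project's code. It assumes inline comments begin at whitespace followed by '#', and the placeholder set and 12-character minimum are hypothetical thresholds chosen for illustration.

```python
import re

# Constructed sample: a subset of the template values from the .env block above.
SAMPLE_ENV = """\
DATABASE_PASSWORD=password
DJANGO_SECURITY_KEY=django_security_key
DJANGO_ALLOWED_HOSTS=* # wildcard from the template
DJANGO_DEBUG_MODE=True
"""

# Assumptions for this example: template placeholders and a minimum secret length.
PLACEHOLDERS = {"password", "django_security_key", "username", "db_name"}
MIN_SECRET_LEN = 12


def parse_env(text):
    """Parse KEY=value lines, dropping blank lines and ' # ...' inline comments."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        # Only whitespace followed by '#' starts a comment, so 'pa#ss' survives.
        value = re.split(r"\s+#", value, maxsplit=1)[0].strip()
        values[key.strip()] = value
    return values


def audit(env):
    """Return findings for settings that are unsafe outside development."""
    findings = []
    if env.get("DJANGO_DEBUG_MODE", "").lower() in {"true", "1", "yes"}:
        findings.append("DJANGO_DEBUG_MODE is on: error pages show tracebacks and settings")
    hosts = [h.strip() for h in env.get("DJANGO_ALLOWED_HOSTS", "").split(",")]
    if "*" in hosts:
        findings.append("DJANGO_ALLOWED_HOSTS contains '*': any Host header is accepted")
    for key in ("DJANGO_SECURITY_KEY", "DATABASE_PASSWORD"):
        value = env.get(key, "")
        if value in PLACEHOLDERS or len(value) < MIN_SECRET_LEN:
            findings.append(f"{key} is a placeholder or shorter than {MIN_SECRET_LEN} characters")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_env(SAMPLE_ENV)):
        print("FINDING:", finding)
```

Run it against the real .env in a deployment pipeline and fail the build when the list of findings is not empty.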
To build a development environment that uses a local PostgreSQL instance:
docker-compose -f docker-compose.yml build
Or, to build an instance that can run on an AWS EC2 instance using an RDS Postgres instance:
docker-compose -f docker-compose.aws.yml build
Then to run the container:
docker-compose -f docker-compose.yml up
Add a '-d' flag to run headless. Then use 'docker-compose -f docker-compose.yml down' to kill the process.
Note: this will start a new project, so on first use you will need to shell into the Docker environment to initialize the database and set up a superuser. See Build the Project section below.
Admin Only Endpoints:
settings/
groups/
users/
users/<str:group_name>/ # POST here to create a user
To receive an API token, post valid login information to:
api-token-auth/
Authenticated users can only GET, PUT, and DELETE their own profile:
user/<int:pk>/
Authenticated users can also get their own profile without any additional information:
user/self/
A user can request an emailed link to change their password or set up a new account. Tokens are valid for 30 minutes.
email-verification-token/
The link will take the user to the appropriate endpoint:
create-customer/<str:key>
OR
reset-password/<str:key>
Appointments endpoints, accessible by authenticated users:
appointments/
appointments/<int:pk>/
past-appointments/
past-appointments/<int:pk>/
Past appointments are read-only and are managed by api.utils.manage_appointments.py.
Management only endpoints:
schedules/
schedule/<int:pk>/
menu/
menu/<int:pk>/
python -m venv venv
venv\Scripts\activate.bat
(venv) pip install -r requirements.txt
To activate the virtual environment on Linux:
source venv/bin/activate
python manage.py makemigrations api
python manage.py migrate
python manage.py createsuperuser
python manage.py runserver 8080
Token authentication is used, so users must have a token to access the API. Tokens can be generated from the command line:
python manage.py drf_create_token username
A registered user can also request a token via the api-token-auth/ endpoint by submitting a POST request like:
{
"phone": "phone_number",
"password": "password"
}
For authentication purposes there are 3 user groups: Customers, Employees, and Management. When a user is created with the users/group_name/ endpoint, that user is automatically added to the group.