# Starting a Django Rest Framework Project

## Getting started

Check Django version (Should be 2.1 or greater) and clean-up any existing directories if it's not the first time you've run this.

In [1]:
!python -m django --version
!rm -rf ratethings

2.1.7


Create a django project using the django-admin and traverse into the directory.
This is the only django-admin command we will be using. From here on out, we'll use manage.py

In [2]:
!django-admin startproject brewwolf
%cd brewwolf
!ls

/home/sgroenjes/Documents/Git/brewwolf-python/brewwolf
brewwolf  manage.py


## Django Projects and Apps
Django projects consist of a top-level project and various apps.  By tradition, there is an app named after the project, but you usually build other apps to hold functionality.  Apps can be standalone, or intertwined.  It's just a code organization tool.

The Django documentation includes the following description:


| Projects vs. apps
| 
| What’s the difference between a project and an app? An app is a Web application that does something – e.g., a | Weblog system, a database of public records or a simple poll app. A project is a collection of configuration | and apps for a particular website. A project can contain multiple apps. An app can be in multiple projects.


Start a new app named "votethings", and traverse into that directory.

In [3]:
!python manage.py startapp rate_beer
%cd rate_beer
!ls

/home/sgroenjes/Documents/Git/brewwolf-python/brewwolf/rate_beer
admin.py  apps.py  __init__.py	migrations  models.py  tests.py  views.py


## Models.py
First, we start by creating a basic model for our thing that will be voted on.

A django model consists of a both fields and methods.  Fields are literally things that will be stored in the database, and can be referenced and filtered on.  There are a few "magic" fields, such as "id" or "pk" that are predefined. Methods are good for when you want to have actions that live with your model class, which can manipulate values. There are a few "magic" methods that allow you to override default behaviors, such as save().

Here we are going to create two basic models: A "Thing" and a "Choice"

The Thing model includes a text field as well as a publication date.

The Choice model includes a text field and integer field, which should be straightforward.  The ForeignKey field is a linkage that allows the "choice" to contain a reference to a "Thing". 


In [4]:
%%writefile models.py
from django.db import models

class Beer(models.Model):
    name = models.CharField(max_length=200)
    average_rating = models.IntegerField(default=0)
    brewery = models.CharField(max_length=200)
    beer_type = models.CharField(max_length=200)

class Rating(models.Model):
    beer = models.ForeignKey(Beer, on_delete=models.CASCADE)
    user = models.CharField(max_length=200)
    rating = models.IntegerField(default=0)
    created_date = models.DateTimeField(auto_now_add=True, blank=True)
    comment = models.CharField(max_length=256, blank=True)


Overwriting models.py


## Serializers.py

Once the models exist, we need to create a "serializer" which allows Django Rest Framework (DRF) to translate a model into a json/xml blob.  The process of converting a memory object into a json/xml format is called "serialization".  Because our models are relatively simple, we can use the default "modelserializer" class, which greatly simplifies this process.   Serializers.py is a basic unit of DRF and is not a part of unadultered Django.

When using the ModelSerializer, you just have to list out what fields from your model you would like to have accessible via the REST API.

In [5]:
%%writefile serializers.py
from rest_framework import serializers
from votethings.models import Thing, Choice


class ThingSerializer(serializers.ModelSerializer):
    class Meta:
        model = Thing
        fields = ('id', 'question_text')


class ChoiceSerializer(serializers.ModelSerializer):
    class Meta:
        model = Choice
        fields = ('id', 'question', 'choice_text', 'votes')


Writing serializers.py


## Views.py

Once a serializer exists, we can create a view which will allow us to display our serialized models, as well as interact with them.

While you can pretty much do whatever you want in views.py, the [Django Guide](https://django-best-practices.readthedocs.io/en/latest/applications.html#models) says "Make'em fat".  By that, it means that your design should seperate concerns, and let the Django model handle most of the logic, while you let the views.py stay minimal, just for formatting views. With DRF, we're going to thin out views.py to the bare minimum, and put most of our heavy-lift logic elsewhere.  In DRF, it is useful to have "viewsets", which allow you to apply the REST specific logic over and over again with very little effort for each of the models.

The two things required for a ModelViewSet are a queryset, which tells it what objects to return, and a serializer, which is the class used to convert the retrieved objects in memory into json.

Additionally, if you would like to include additional methods beyond the typical REST verbiage, you can add @action decorators to viewsets.  Here, we're including a 'text' action that returns the text of the question.

In [6]:
%%writefile views.py
from rest_framework import viewsets
from rest_framework.decorators import action
from rest_framework.response import Response

from votethings.models import Thing, Choice
from votethings.serializers import ThingSerializer, ChoiceSerializer


class ThingViewSet(viewsets.ModelViewSet):
    """
    This viewset automatically provides `list`, `create`, `retrieve`,
    `update` and `destroy` actions.

    Additionally we also provide an extra `text` action.
    """
    queryset = Thing.objects.all()
    serializer_class = ThingSerializer

    @action(detail=True)
    def text(self, request, *args, **kwargs):
        thing = self.get_object()
        return Response(thing.question_text)
    
class ChoiceViewSet(viewsets.ModelViewSet):
    """
    This viewset automatically provides `list`, `create`, `retrieve`,
    `update` and `destroy` actions.

    Additionally we also provide an extra `text` action.
    """
    queryset = Choice.objects.all()
    serializer_class = ChoiceSerializer


Overwriting views.py


## Urls.py

The last file that **must** be created for Django to work is urls.py.  Urls.py defines how the Django application server will route requests. Here we are going to take anything behind the "/api/" url and pass that to an API router defined by DRF.  The API router knows how to use our ViewSets, which lets users create/update/delete objects.

Note: We are using class based views, which contains extra magic to make the router class work.  If you are not using class based views, this router approach won't work.

In [7]:
%%writefile urls.py
from django.urls import path, include
from rest_framework.routers import DefaultRouter
from votethings import views

# Create a router and register our viewsets with it.
router = DefaultRouter()
router.register(r'things', views.ThingViewSet)
router.register(r'choices', views.ChoiceViewSet)

# The API URLs are now determined automatically by the router.
urlpatterns = [
    path('', include(router.urls)),
]

Writing urls.py


## Back to the main app

Now, the new "votethings" app must be integrated in with the main app, ratethings.

In [8]:
%cd ../ratethings
!ls

/home/sgroenjes/Documents/Git/drf/ratethings/ratethings
__init__.py  __pycache__  settings.py  urls.py	wsgi.py


## Settings.py

In order for our application to be called, as well as rest_framework, it must be included in the apps list.
Usually this is included inline in the app, but because I don't know how to do that from a Jupyter notebook (maybe sed magic), we will just be appending a line to the bottom of the file that appends our app to the list.


In [9]:
%%writefile -a settings.py

# Include our new rest_framework and VotethingsConfig app
INSTALLED_APPS.append('rest_framework')
INSTALLED_APPS.append('votethings.apps.VotethingsConfig')


Appending to settings.py


## Urls.py part 2

Inside the main app settings.py, there is a line:

```
ROOT_URLCONF = 'ratethings.urls'
```

This tells the Django webserver what urls.py to use as the root.

We need to pull in the urls.py from the votethings app, and include it behind the '/api/' url.
We're also pulling in the Django "admin" app, which is handy. We'll use it in the future. Notice how it's a standalone app that we can just pull into our project.

In [10]:
%%writefile urls.py
from django.contrib import admin
from django.urls import include, path

urlpatterns = [
    path('api/', include('votethings.urls')),
    path('admin/', admin.site.urls),
]

Overwriting urls.py


## Database Migrations

The last thing we need to do before we can start using our project is to create database migrations and populate the database with our initial tables.

First, we 'makemigrations'. This should be commited with the code, and we will need to run the command again every time we update our models.py file.

In order to use the migrations files, we run 'migrate'.  This will use whatever the relevant DATABASE is currently configured in the main application settings.py file.  In this case, it's still the default sqlite database.  Once the application is deployed in production, the 'migrate' command will have to be run in order to migrate the production database.

In [11]:
%cd ../
!python manage.py makemigrations
!python manage.py migrate

/home/sgroenjes/Documents/Git/drf/ratethings
[36;1mMigrations for 'votethings':[0m
  [1mvotethings/migrations/0001_initial.py[0m
    - Create model Choice
    - Create model Thing
    - Add field question to choice
[36;1mOperations to perform:[0m
[1m  Apply all migrations: [0madmin, auth, contenttypes, sessions, votethings
[36;1mRunning migrations:[0m
  Applying contenttypes.0001_initial...[32;1m OK[0m
  Applying auth.0001_initial...[32;1m OK[0m
  Applying admin.0001_initial...[32;1m OK[0m
  Applying admin.0002_logentry_remove_auto_add...[32;1m OK[0m
  Applying admin.0003_logentry_add_action_flag_choices...[32;1m OK[0m
  Applying contenttypes.0002_remove_content_type_name...[32;1m OK[0m
  Applying auth.0002_alter_permission_name_max_length...[32;1m OK[0m
  Applying auth.0003_alter_user_email_max_length...[32;1m OK[0m
  Applying auth.0004_alter_user_username_opts...[32;1m OK[0m
  Applying auth.0005_alter_user_last_login_null...[32;1m OK[0m
  Applying auth.0

## Finally, the Runserver

At this point, we can run the test server.

### NOT FOR PRODUCTION

Please, please, please do not use the Django runserver in production. It is not designed for production, not only in terms of performance, but also security.  **Just don't do it**.

In [None]:
!python manage.py runserver

Performing system checks...

System check identified no issues (0 silenced).
March 29, 2019 - 19:50:29
Django version 2.1.7, using settings 'ratethings.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
Not Found: /
[29/Mar/2019 19:50:33] [33m"GET / HTTP/1.1" 404 2029[0m
Not Found: /favicon.ico
[29/Mar/2019 19:50:33] [33m"GET /favicon.ico HTTP/1.1" 404 2080[0m
[29/Mar/2019 19:50:41] [32m"GET /api HTTP/1.1" 301 0[0m
[29/Mar/2019 19:50:41] [m"GET /api/ HTTP/1.1" 200 9823[0m
[29/Mar/2019 19:50:41] [m"GET /static/rest_framework/css/bootstrap-tweaks.css HTTP/1.1" 200 3385[0m
[29/Mar/2019 19:50:41] [m"GET /static/rest_framework/css/default.css HTTP/1.1" 200 1131[0m
[29/Mar/2019 19:50:41] [m"GET /static/rest_framework/js/csrf.js HTTP/1.1" 200 1719[0m
[29/Mar/2019 19:50:41] [m"GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 200 3597[0m
[29/Mar/2019 19:50:41] [m"GET /static/rest_framework/css/prettify.css HTTP/1.1" 200 817[0m
[

## Behold

Now, if you go in your browser to http://localhost:8000/api/, you will see your application.

# Getting Ready for Production

## Settings from Environment

In a containerized deployment, it is best practice to pass in most relevent variables for settings through the environment variables.  To do this, we will create a new file that parses the environment variable named DJANGO_CONFIG_JSON, and assigns it appropriately.

Then, we will include that at the end of settings.py

In [None]:
%cd ratethings

In [None]:
%%writefile settings.py
import os
import json

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

# Required simple settings. (1)
SECRET_KEY = os.environ["APP_SECRET_KEY"]

# Simple settings with defaults. (2)
DEBUG = os.environ.get("APP_DEBUG") == "1"

# Interpreted settings. (3)
ALLOWED_HOSTS = os.environ \
  .get("APP_ALLOWED_HOSTS", "localhost") \
  .split(",")

# Database JSON config. (4)
DEFAULT_DATABASES = {SQlite config}
DATABASES = (
  json.loads(os.environ["APP_DATABASES"])
  if "APP_DATABASES" in os.environ
  else DEFAULT_DATABASES
)

# Advanced settings, most useful for debug environments. (5)

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'votethings.apps.VotethingsConfig',
]

if "APP_ADDITIONAL_APPS" in os.environ:
  INSTALLED_APPS += os.environ["APP_ADDITIONAL_APPS"] \
.split(",")


MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'ratethings.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'ratethings.wsgi.application'

# Password validation
# https://docs.djangoproject.com/en/2.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]


# Internationalization
# https://docs.djangoproject.com/en/2.1/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.1/howto/static-files/

STATIC_URL = '/static/'

## Configure Gunicorn

Most people pronounce it, g-unicorn, but the author maintains that gun-icorn is cooler.
This is how we server up the application in production without using the super-insecure runserver.
We'll be running Gunicorn inside a Docker container, that we have to build and run.

## Create a Dockerfile

A Dockerfile is a standardized way of building containers.  Learn more [Dockerfile reference](https://docs.docker.com/engine/reference/builder/)

Basics:
* FROM: What container should we start building from?  In this case, it's a [python3 standard container](https://hub.docker.com/_/python/?tab=description)

* COPY: Copy files (or directories) from the folder we're building in into the container

* RUN: Run a command inside the container.  Beware that it uses /bin/sh, not bash.

* WORKDIR: Set the base directory where commands should start inside the container.  Default is /

* EXPOSE: What port to expose outside.  This is mostly used when you start getting into higher level orchestration tools

* CMD:  What command is run initially if a command isn't specified.  It should be our startup command

In [None]:
%%writefile Dockerfile
FROM python:3

COPY ratethings/ /opt/ratethings/
COPY requirements.txt /opt/
RUN pip install -r /opt/requirements.txt


WORKDIR /opt/ratethings/
EXPOSE 8000
CMD [ "/usr/local/bin/gunicorn", "--bind", "0.0.0.0:80", "ratethings.wsgi:application" ]

## Build the Dockerfile

Make sure you have docker installed and started.  You'll need it.

Build runs each command in the Dockerfile, layer by layer.  The '-t' argument lets us tag the image so that we can recall it by a friendly name later on.

Unfortunately, you will have to run these commands from your own command line.

```
sudo docker build -t ratethings .
```

## Run the Container


Here, we actually instantiate the container using the tagged image above.  We also pass through '-p', to bind port 80 on our host to port 80 inside the container. The '-d' daemonizes the container, so that it will be running in the background.

```
sudo docker run -d -p 80:80 ratethings
```

## Check it out

Now, you can try going to http://localhost/api and see the configuration inside the container.