The Django REST Framework (DRF) is a powerful and flexible toolkit for building Web APIs using Django. In the modern world of application development, APIs have become the backbone of communication between systems, applications, and devices. Whether you are building a mobile app backend, integrating with third-party systems, or developing microservices, APIs are essential.
Django REST Framework (DRF) makes it simple to build APIs using Django’s existing features. It combines Django’s ORM, models, views, and authentication mechanisms with a clear and structured API layer.
This post will give you a detailed, step-by-step introduction to DRF, including why it is used, how to install it, how serialization works, and how to create your first working API using Django REST Framework.
1. What is Django REST Framework?
The Django REST Framework, often abbreviated as DRF, is an open-source library built on top of Django that simplifies the process of building RESTful APIs.
Django, by itself, is designed primarily for rendering HTML templates and serving traditional web pages. However, modern web and mobile applications often require data in JSON format, not HTML. DRF bridges this gap by providing tools to serialize Django models into JSON and manage API endpoints using Django’s familiar architecture.
In short, Django REST Framework transforms Django into a full-featured backend for RESTful API development.
2. Why Use Django REST Framework?
Developers prefer DRF because it provides high-level abstractions that simplify complex tasks like serialization, authentication, and permission management. Here are some key benefits:
a. Simplified API Creation
With DRF, you can turn Django models into fully functional REST endpoints with minimal code.
You don’t need to manually handle requests, responses, or data conversion between Python objects and JSON — DRF does it for you.
b. Automatic Serialization
DRF comes with a powerful serialization system that automatically converts Django model instances into JSON data.
Serialization also works in reverse: when clients send JSON data, DRF can deserialize it into Python objects ready for saving in the database.
c. Authentication and Permissions
DRF provides built-in support for various authentication methods like Token, Session, and OAuth. You can easily control who has access to certain endpoints using permission classes.
d. Browsable API Interface
One of the most appreciated features of DRF is its Browsable API. This is a web-based interface that allows developers and testers to interact with the API directly through their browser — without writing any external API client.
This makes debugging and testing incredibly convenient.
e. Integration with Django ORM
Since DRF is built on top of Django, it integrates seamlessly with Django’s ORM (Object Relational Mapper). This means you can directly use Django models, queries, and relationships to manage data.
f. Extensibility
DRF is built with modularity in mind. You can customize serializers, views, authentication, and permissions easily to suit any project’s needs.
3. Understanding RESTful APIs
Before diving into Django REST Framework, it’s important to understand what a RESTful API is.
a. What is REST?
REST stands for Representational State Transfer, an architectural style for designing web services. A RESTful API allows communication between client and server using simple HTTP methods like GET, POST, PUT, PATCH, and DELETE.
b. Common HTTP Methods
- GET – Retrieve data from the server
- POST – Create a new resource
- PUT – Replace an existing resource
- PATCH – Update part of a resource
- DELETE – Remove a resource
A RESTful API uses these methods to perform CRUD operations — Create, Read, Update, Delete — on resources.
c. Example of a REST Endpoint
If you have a Book model, RESTful endpoints might look like this:
| HTTP Method | Endpoint | Action |
|---|---|---|
| GET | /api/books/ | Retrieve all books |
| GET | /api/books/1/ | Retrieve book with ID 1 |
| POST | /api/books/ | Add a new book |
| PUT | /api/books/1/ | Update book with ID 1 |
| DELETE | /api/books/1/ | Delete book with ID 1 |
This consistent structure makes REST APIs predictable and easy to consume.
4. Installing Django REST Framework
Setting up DRF in your Django project is simple. You can install it with pip:
pip install djangorestframework
Once installed, add 'rest_framework' to your INSTALLED_APPS in your Django settings.py file:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
]
That’s it — Django REST Framework is now ready to use.
5. Setting Up a Django Project for APIs
Let’s quickly create a new Django project and app to demonstrate how DRF works.
Step 1: Create a Django Project
django-admin startproject library
cd library
Step 2: Create a Django App
python manage.py startapp books
Step 3: Add the App to Installed Apps
In settings.py:
INSTALLED_APPS = [
'rest_framework',
'books',
]
Now you have a Django project ready to host an API.
6. Creating the Book Model
Inside the books/models.py file, define a simple model:
from django.db import models
class Book(models.Model):
title = models.CharField(max_length=200)
author = models.CharField(max_length=100)
published_date = models.DateField()
isbn = models.CharField(max_length=13, unique=True)
def __str__(self):
return self.title
Run migrations to create the database table:
python manage.py makemigrations
python manage.py migrate
7. Creating a Serializer
Serializers are a core part of DRF. They convert model instances into JSON data and vice versa.
Create a file called books/serializers.py and define a serializer for the Book model:
from rest_framework import serializers
from .models import Book
class BookSerializer(serializers.ModelSerializer):
class Meta:
model = Book
fields = '__all__'
This ModelSerializer automatically handles all model fields and relationships. You can also specify only selected fields if needed.
8. Creating a ViewSet
ViewSets combine logic for multiple related views (like list, retrieve, create, update, delete) into a single class.
Create a file books/views.py and add:
from rest_framework import viewsets
from .models import Book
from .serializers import BookSerializer
class BookViewSet(viewsets.ModelViewSet):
queryset = Book.objects.all()
serializer_class = BookSerializer
This single class handles CRUD operations automatically.
9. Registering Routes with Routers
Routers automatically create URL routes for your ViewSets.
In books/urls.py:
from django.urls import path, include
from rest_framework.routers import DefaultRouter
from .views import BookViewSet
router = DefaultRouter()
router.register(r'books', BookViewSet)
urlpatterns = [
path('', include(router.urls)),
]
Now, include this in the main project’s urls.py:
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('admin/', admin.site.urls),
path('api/', include('books.urls')),
]
10. Running the API Server
Run your Django development server:
python manage.py runserver
Visit:
http://127.0.0.1:8000/api/books/
You’ll see the DRF Browsable API interface showing a list of books (initially empty). You can add, edit, or delete books directly from this interface.
11. Browsable API in Action
One of DRF’s most popular features is the Browsable API — an HTML interface automatically provided for every endpoint.
This feature allows developers and testers to:
- View available endpoints.
- Submit data through forms.
- See structured JSON responses.
- Debug quickly without using external tools like Postman.
Even though this interface is meant primarily for development and debugging, it’s a major time-saver.
12. Understanding the Components of DRF
To master Django REST Framework, you must understand its four key components:
a. Serializers
Convert Django models into JSON and validate incoming data.
b. Views / ViewSets
Define the logic for handling requests and responses.
c. Routers
Automatically map ViewSets to URL routes.
d. Permissions and Authentication
Control access and security for endpoints.
Each of these components can be customized independently to suit your application’s complexity.
13. Common API Operations with DRF
Create a Book (POST)
Send JSON data to:
POST /api/books/
Example body:
{
"title": "Django Mastery",
"author": "John Doe",
"published_date": "2023-09-01",
"isbn": "1234567890123"
}
Retrieve All Books (GET)
GET /api/books/
Retrieve Single Book (GET)
GET /api/books/1/
Update a Book (PUT or PATCH)
PUT /api/books/1/
Delete a Book (DELETE)
DELETE /api/books/1/
These endpoints are generated automatically using ModelViewSet.
14. Adding Permissions and Authentication
By default, DRF allows open access to all APIs. You can configure permissions in settings.py:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
]
}
Now, only authenticated users can access the endpoints. You can use session authentication or token-based authentication for access control.
15. Advantages of Django REST Framework
a. Rapid Development
You can build complete APIs with minimal code.
b. Reusable Components
ViewSets, Serializers, and Routers can be reused across multiple applications.
c. Strong Integration
DRF works natively with Django’s ORM, forms, and authentication system.
d. Community and Ecosystem
DRF has a vast and active community. There are many extensions for features like JWT Authentication, throttling, caching, and more.
16. Real-World Use Cases of DRF
- Mobile Application Backends – Expose APIs for iOS and Android apps.
- Single Page Applications (SPA) – Power frontends built with React, Angular, or Vue.
- Microservices Architecture – Build independent, lightweight APIs that communicate via HTTP.
- Third-party Integrations – Allow external developers to use your data securely.
17. Common Mistakes Beginners Make
- Not using ViewSets – Writing repetitive CRUD logic instead of using
ModelViewSet. - Ignoring Permissions – Leaving APIs open without proper access control.
- Mixing Business Logic in Views – Logic should reside in models or services, not views.
- Not Validating Input Data – Always use serializers for data validation.
- Neglecting Documentation – Use tools like
drf-yasgordrf-spectacularto auto-generate API docs.
18. Best Practices for Working with DRF
- Keep serializers simple and modular.
- Always define permissions explicitly.
- Use pagination for large datasets.
- Add meaningful error messages in serializers.
- Separate apps logically to keep code organized.
- Write tests for your APIs using DRF’s built-in testing framework.
19. Testing the API
You can test DRF endpoints using Django’s built-in test client or Postman.
Example Test Case
from rest_framework.test import APITestCase
from django.urls import reverse
from .models import Book
class BookAPITest(APITestCase):
def test_create_book(self):
url = reverse('book-list')
data = {'title': 'Test Book', 'author': 'Tester', 'published_date': '2024-01-01', 'isbn': '9999999999999'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, 201)
Leave a Reply