DEV Community: Noble Obioma

Deploy a React App to Amazon S3 using Github Actions

Noble Obioma — Fri, 12 Jun 2020 09:39:00 +0000

Amazon Simple Storage Service (S3)?

Amazon Simple Storage Service (S3) is one of the numerous services offered by Amazon Web Services(AWS), an on-demand cloud computing platform. Amazon S3 provides scalable object storage through a web service interface that is used to store and retrieve any amount of data, at any time, from anywhere on the web.

Github Actions?

GitHub Actions makes it easy to automate your workflows like build, test, and deploy when using Github, a platform that provides hosting for software development version control using Git.

In this post, we will go through:

How to create an Amazon S3 bucket.
How to set up an S3 bucket for Web Hosting.
How to configure our Github actions to automatically deploy changes to the S3 bucket. In the end, deploy a React App to live.

Before we get started, you need to have:

A Github account.
An AWS Account

This exercise can be accommodated within the AWS Free Tier

Create Amazon S3 Bucket

First, log in to your AWS account. On the AWS Management Console, click S3 from the list of services under the Storage section or use the search bar.

On the Amazon S3 page, click on Create Bucket

To create a bucket, provide a Bucket Name. An S3 bucket name must be unique amid all buckets universally in Amazon S3. Also, take note of the Region you are creating the bucket in. For this post, we are using US East (N. Virginia) which is us-east-1.

Uncheck the checkbox for Block all public access. After, click on Next and Review bucket configurations. Then click Create bucket.

Add Bucket Policy

This makes the contents of your bucket publicly available. This action is not recommended when working with S3 buckets, but for this our purpose this is fine.

Under Buckets, choose the name of your bucket(s3-github-actions) > Choose Permissions > Choose Bucket Policy.

Copy the following bucket policy, and paste it in the editor.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::<bucket-name>/*"
            ]
        }
    ]
}

Update the snippet to include your bucket name. In the bucket policy, <bucket-name> you must update this name to match your bucket name.
Then, click on Save.

Enable Static Website Hosting

Click Use this bucket to host a website.

Type index.html in the Index document field and Save.

Note: Take note of the Endpoint URL, our website will be accessible in the browser using this URL.

Create and Push React App to GitHub

Now we have our S3 bucket, it's time to create and push our React App to GitHub.

First, create a New Repository on GitHub.

After creating a repository, You could:

Create a React application using Create React App or Parcel-Bundler and ensure that there is a build script in the package.json file will output to a dist folder.

  $ git init # initialize git locally
  $ git add . # add changes to git
  $ git commit -m "React App" # commit changes
  $ git remote add origin <your-github-repo-url.git> # add remote origin
  $ git push -u origin master # push to remote master branch

OR

Clone the sample React App repository S3-Github Actions React App that we will be using for this post and add your repository's remote URL. GitHub Repo - S3-Github Actions React App

To add new remote (this will add a new remote called actions):

  $ git remote add actions <your-github-repo-url.git> # add remote actions
  $ git push -u actions master # push to remote master branch

To set up our workflow, we need to provide the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY and AWS_REGION of the S3 bucket in other to connect successfully to Amazon S3.

Get AWS Authorization

On the AWS Console:

Click on IAM under the Security, Identity, & Compliance section.
Click on Users and select your preferred user.
Under Security Credentials, click on Create Access Key. This will create an AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, copy these values. You can also manage key access by either deleting or making it inactive.

Even with a confidante, you do not ever what to share your access keys. Your confidante might have a confidante. Who knows! 🤷🏻‍♂️.

So that's why we will be passing some very important values as Secrets on GitHub then later access them in the workflow file using the expression syntax. ${{ <expression> }}

Back to Github

Click on the Settings tab, Select Secret on the left menu, then click on New Secret to add a secret providing the Name and Value.

Name	Value
AWS_ACCESS_KEY_ID	your-aws-access-key-id
AWS_SECRET_ACCESS_KEY	your-aws-secret-access-key
AWS_REGION	`us-east-1` or your-aws-s3-region

Setup Github Actions

Now, we have the S3 bucket set up and a React app to deploy.

On the GitHub repository, click on the Actions tab to open the Github actions page. On the Actions page, click on the Set up this workflow or set up a workflow yourself -> button, this will redirect to a new page with a web editor containing some boilerplate code but we will get rid of that.

First, let's name the workflow file. Change blank.yml to s3-depl. You can leave the filename as blank.yml, but it is best to give it a descriptive name.

Copy and paste the code snippet into the editor. Copy and Paste, a developer's superpower 🦸🏻‍♂️🦸🏻‍♀️.

name: s3-depl

on:
  push:
    branches:
      - master

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Build React App
        run: npm install && npm run build
      - name: Deploy app build to S3 bucket
        run: aws s3 sync ./dist/ s3://<bucket-name> --delete

Mehhnnn! So many lines!!🥶
Now, let's breakdown the code snippet above.

name: We define the name of this action. This will be used to identify the action amid may others you may have.
on: We define trigger with on : push also the branch. This workflow will run anytime you push code to the master branch.
jobs: Workflow run is made up of one or more jobs and they run in parallel by default.
- steps: A job contains a sequence of tasks called steps. Steps can run commands, run setup tasks, or run action in your repository and each step starts either with a uses: or a name:.
- actions/checkout@v2: This action checks-out your repository, so your workflow can access it.
- aws-actions/configure-aws-credentials@v1: This configures AWS credentials and region environment variables for use in other GitHub Actions.
- Build React App: This step block installs the node packages and runs the build in the package.json file, which creates a dist folder in the root directory.
- Deploy app build to S3 bucket: This deploys the newly created build to S3 bucket <bucket-name> (replace <bucket-name> with the name of your S3 bucket. Mine is s3-github-actions).

To save, click on the Start Commit then Commit New File. This will,

save the action, creating a .github directory with a workflows directory in it that contains the new file s3-depl(the file name you used earlier)
Trigger the action.

To check the progress, click on the Actions tab.

Voila!! The action ran successfully. Yay! Party After Party!! 🎊

You can now check your S3 bucket, you would see that the build files have been uploaded to it.

Our site is now live!!! On the browser, go to the Endpoint URL (http://<s3-bucket>.s3-website-<s3-region>.amazonaws.com) that we came across when enabling Static Website Hosting. Now, any change you make to your react app will build and upload to your S3 bucket which will update live.

You can go on to work with Github Actions by triggering an action on Pull Request that might run some CI tests and perform several steps before deploying to your S3.

Thank you. 🎊

Deploy to AWS Lambda using Github Actions

Noble Obioma — Thu, 11 Jun 2020 07:53:29 +0000

AWS Lambda?

AWS Lambda is one of the numerous services offered by Amazon Web Services(AWS), an on-demand cloud computing platform. AWS Lambda lets you upload your code and it takes care of everything required to run and scale your code with high availability without you having to provision or manage servers and you only pay for the compute time you consume.

Github Actions?

GitHub Actions makes it easy to automate your workflows like build, test, and deploy when using Github, a platform that provides hosting for software development version control using Git.

In this post, we will go through:

How to create a Lambda function on the AWS Console
How to write a typescript app and compile it to es2017 for the Lambda function.
How to configure our Github actions to automatically deploy changes to the Lambda function.

Before we get started, you need to have:

A Github account.
An AWS Account This exercise can be accommodated within the AWS Free Tier

Setup Lambda Function on AWS Console

After logging into your AWS Account,

Click on Lambda in the Compute section or you can search for it in the search bar.
On the AWS Lambda page, click on Create Function button
Add a name to the lambda function, set Runtime to Node 12.x, and click on Create Function. N/B: You won't have to make any other changes, we will be using the defaults. AWS Lambda supports other runtimes like Java, Ruby, Go, .Net.

After the function has been successfully created, you will be redirected to a new page.

You can write your lambda function directly on the Function Code IDE section. However, we want to:

Write the code on our local machine
Push it to a Github branch
Let Github Actions update AWS Lambda function with the new changes.

Setup a Typescript App Repository

In the following commands, we will:

Create a new directory aws-chat-randy,
Initialize git and npm
Install typescript dependency.
Initialize typescript

$ mkdir aws-chat-randy
$ cd aws-chat-randy
$ git init
$ npm init -y # generate a package.json file
$ npm install typescript
$ tsc --init  # generate a tsconfig.json file

Make an src directory and add an index.ts file with the following code:

export const handler = async (): Promise<any> => {
  const response = {
    statusCode: 200,
    body: JSON.stringify('Hello from aws-chat-randy AWS Lambda Function!'),
  };
  return response;
};

This code will always send a JSON response containing the Hello from aws-chat-randy AWS Lambda Function!. Because Node cannot run a Typescript code, we will have to compile the code to JavaScript.

Open the tsconfig.json file that was generated when you ran tsc --init and overwrite the default config with the snippet below. This config sets the target ECMAScript version we want to compile to and sets the output directory among other things.

{
  "compilerOptions": {
    "module": "commonjs",
    "outDir": "./dist",
    "target": "es2017",
    "strict": true,
    "baseUrl": "./src",
    "esModuleInterop": true,
    "inlineSourceMap": true,
    "forceConsistentCasingInFileNames": true
  }
}

In the package.json file, add a build script that will run tsc which will compile our TS code to JS using the config above.

...
"scripts": {
    "build": "tsc"
  },

Create a Github Repository

Log in to your Github account, then create a Github repository.
Add the remote URL of the new Github repository to your local repository and push your code to the master branch.

$ git remote add origin https://github.com/<github-username>/<repo-name>.git
$ git push -u origin master

Setup Github Actions

On the Github repository for your application, click on the Actions tab to open the Github actions page.

There are sample workflows that already have every day-to-day action that is performed by developers. But for this post, we will be writing our workflow.

Click on Set up this workflow button.

Clicking on Set up this workflow will open a web editor with some boilerplate code. We'll get rid of that an add our workflow code.

First, let's give a name to the workflow file

Copy and paste the code snippet into the Github editor in the browser.

name: lambda-depl

on:
  push:
    branches:
      - master

jobs:
  deploy_source:
    name: build and deploy lambda
    strategy:
      matrix:
        node-version: [12.x]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v1.4.2
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install dependencies, Build application and Zip dist folder contents
        run: npm install && npm run build && zip -qq -r -j ./bundle.zip ./dist/*
      - name: deploy zip to aws lambda
        uses: appleboy/lambda-action@master
        with:
          aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws_region: ${{ secrets.AWS_REGION }}
          function_name: aws-chat-randy
          zip_file: bundle.zip

Mehhnnn! So many lines!!🥶
Now, let's breakdown the code snippet above.

name: We define the name of this action. This will be used to identify the action amid may others you may have.
on: We define trigger with on : push also the branch. This workflow will run anytime you push code to the master branch.
job: We define only one job called build and deploy lambda. It uses node version 12.x and it runs on the latest version of Ubuntu.
- steps: A job contains a sequence of tasks called steps. Steps can run commands, run setup tasks, or run action in your repository. Each step starts either with a uses: or a name:.
- actions/checkout@v2: This action checks-out your repository, so your workflow can access it.
- Use Node.js...: This step block installs node on fresh Ubuntu instance created earlier.
- Install dependencies, build application and Zip dist folder contents: This step block installs the node packages in the package.json file, runs the build script which creates a dist folder in the root directory of our app, then zip the content of the dist folder to bundle.zip.
- deploy zip to aws lambda: This deploys the newly created bundle.zip to the Lambda named aws-chat-randy (you have to use the name of your lambda function created earlier).

Get AWS Authorization

To complete our workflow, we need to provide the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
On the AWS Console:

Click on IAM under the Security, Identity, & Compliance section.
Click on Users and select your preferred user.
Under Security Credentials, click on Create Access Key. This will create an AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, copy these values. You can make all so manage key access by either deleting or make inactive.

Even with a confidante, you do not what to share your access keys. Your confidante might have a confidante. Who knows! 🤷🏻‍♂️.

So that's why we will be passing some very important values as Secrets then later access them in the workflow file using the expression syntax. ${{ <expression> }}

Back to Github

Click on the Settings tab, Select Secret on the left menu, then click on New Secret to add a secret providing the Name and Value.

Name	Value
AWS_ACCESS_KEY_ID	your-aws-access-key-id
AWS_SECRET_ACCESS_KEY	your-aws-secret-access-key
AWS_REGION	your-aws-lambda-region

Make a change to your in your local repository, commit and push to Github.

Our changes have been compiled to JavaScript and successfully deployed to our AWS Lambda function. You can check your lambda function to see the update.

Awesome work getting here. You can go on to work with Github Actions by triggering an action on Pull Request that might run some CI tests and perform several steps.

Thank you. 🎊

Build a CRUD Django REST API

Noble Obioma — Mon, 09 Mar 2020 21:30:36 +0000

In this article, we'll be adding CRUD(Create, Read, Update, Delete) functionality to an already existing Django REST API with user authentication. This is a continuation of a previous article where we added authentication functionalities like register, login, logout to a simple Bookstore Django REST API with just one endpoint that sends a response {"message": "Welcome to the BookStore!"} and a user must be authenticated to access our endpoint.

Do you want to:

Let's get started 😀

We'll start by creating some models. Django models are basically python objects that are utilized in accessing and managing data. Models define the structure of stored data like field types, creating relationships between data, applying certain constraints to data fields and a lot more. For more information on the Django Model, check the documentation v3.

For our bookstore_app, we'll create two models Author and Book.

# ./bookstore_app/api/models.py

from django.db import models
from django.conf import settings
from django.utils import timezone

# Create your models here.
class Author(models.Model):
  name = models.CharField(max_length=200)
  added_by = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
  created_date = models.DateTimeField(default=timezone.now)

  def __str__(self):
    return self.name

class Book(models.Model):
  title = models.CharField(max_length=200)
  description = models.CharField(max_length=300)  
  author = models.ForeignKey(Author, on_delete=models.CASCADE)
  added_by = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
  created_date = models.DateTimeField(default=timezone.now)

  def __str__(self):
    return self.title

Somethings to take note of on the models we just created:

In the Book model, a book must have an author. So we created a field author which is a ForeignKey referencing the Author model.
We want to keep track of the user that added the entry for either Book or Author, so we create a field added_by which is a ForeignKey referencing the AUTH_USER_MODEL.

Now we have our models created, we'll have to run migrations. But before that let's makemigrations after which we'll then run the created migrations.

$ python manage.py makemigrations
$ python manage.py migrate

Time for a test-drive 🚀. I'll be testing my newly created models in the Django shell by adding some entries to Author. On the terminal, let's start the shell by running python manage.py shell.

$ python manage.py shell
Python 3.6.9 (default, Nov  7 2019, 10:44:02) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
(InteractiveConsole)
>>>

Looking at the fields in the Author models, we have:

name: which is a character field with a max length of 200, so it can take strings.
added_by: which is referencing the User model. So to make a new entry, we need to pass an instance of a user.
created_date: which defaults to the current entry time.

So, in the shell we have to import the User and Author models to make adding an entry to Author possible.

>>> from django.contrib.auth.models import User
>>> from api.models import Author

Let's create a user:

First, we make an instance of User, then we call the save method on the model to save to the Db.

>>> user = User(first_name="John", last_name="Doe", username="johndoe")
>>> user.save()

Adding an Author:

To add an author, we make an instance of Author, passing the instance of the user we already created to added_by

>>> author1 = Author(name="Author Mie", added_by=user)
>>> author1.save()
>>> author2 = Author(name="Author Mello", added_by=user)
>>> author2.save()

We have successfully added two new authors. To get all entries on the Authors table:

>>> Author.objects.all()
<QuerySet [<Author: Author Mie>, <Author: Author Mello>]>

We can also with our models through the Django admin interface provided by Django which is accessible at https://localhost:8000/admin. But before we do that we'll first have to:

Add our models to admin interface
Create a superuser

To add the models to the Admin Interface

# bookstore_app/api/admin.py

from django.contrib import admin
from .models import Author, Book

# Register your models here.
admin.site.register(Author)
admin.site.register(Book)

To create a superuser

A "superuser" account has full access to the server and all needed permissions.

On the terminal, run python manage.py createsuperuser

$ python manage.py createsuperuser
Username: superadmin
Email address: superadmin@email.com
Password: 
Password (again):

Superuser created successfully.

We have successfully created a superuser. Now, run the server and login to the admin page on the browser using the superuser credentials that you created. After a successful login, your admin interface will look like the image below. You can now add more Authors and Books even set permissions, disable certain users and lots more if need be. Of course, you are the superuser!!!

https://localhost:8000/admin

So far, we have been able to persist our data and read from the DB on the shell. It's time to create some views to handle POST, GET, PUT, DELETE requests on the server. But before we start adding new views in the api/views.py file, let's create serializers for our models.

Serializers allow complex data such as querysets and model instances to be converted to native Python datatypes that can then be easily rendered into JSON.

To begin creating our serializers, let's create a serializers.py file in our api app folder and then create our AuthorSerializer and BookSerializer, selecting the fields that we care about in the different models that we will pass to the response.

# bookstore_app/api/serializers.py

from rest_framework import serializers
from .models import Author, Book

class AuthorSerializer(serializers.ModelSerializer):
    class Meta:
        model = Author
        fields = ['id', 'name', 'added_by', 'created_by']

class BookSerializer(serializers.ModelSerializer):
    class Meta:
        model = Book
        fields = ['id', 'title', 'description', 'created_date', 'author', 'added_by']

We have our serializer ready, let's open the api/views.py file. The current content of the file should be from the previous post, Adding Authentication to a REST Framework Django API.

# ./bookstore_app/api/views.py

from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt

@api_view(["GET"])
@csrf_exempt
@permission_classes([IsAuthenticated])  
def welcome(request):
    content = {"message": "Welcome to the BookStore!"}
    return JsonResponse(content)

User can get all books

# ./bookstore_app/api/views.py

...
from .serializers import BookSerializer
from .models import Book
from rest_framework import status


@api_view(["GET"])
@csrf_exempt
@permission_classes([IsAuthenticated])
def get_books(request):
    user = request.user.id
    books = Book.objects.filter(added_by=user)
    serializer = BookSerializer(books, many=True)
    return JsonResponse({'books': serializer.data}, safe=False, status=status.HTTP_200_OK)

User can add a book

# ./bookstore_app/api/views.py

...
from .models import Book, Author
import json
from django.core.exceptions import ObjectDoesNotExist

@api_view(["POST"])
@csrf_exempt
@permission_classes([IsAuthenticated])
def add_book(request):
    payload = json.loads(request.body)
    user = request.user
    try:
        author = Author.objects.get(id=payload["author"])
        book = Book.objects.create(
            title=payload["title"],
            description=payload["description"],
            added_by=user,
            author=author
        )
        serializer = BookSerializer(book)
        return JsonResponse({'books': serializer.data}, safe=False, status=status.HTTP_201_CREATED)
    except ObjectDoesNotExist as e:
        return JsonResponse({'error': str(e)}, safe=False, status=status.HTTP_404_NOT_FOUND)
    except Exception:
        return JsonResponse({'error': 'Something terrible went wrong'}, safe=False, status=status.HTTP_500_INTERNAL_SERVER_ERROR)

User can update a book entry by id

# ./bookstore_app/api/views.py

...
@api_view(["PUT"])
@csrf_exempt
@permission_classes([IsAuthenticated])
def update_book(request, book_id):
    user = request.user.id
    payload = json.loads(request.body)
    try:
        book_item = Book.objects.filter(added_by=user, id=book_id)
        # returns 1 or 0
        book_item.update(**payload)
        book = Book.objects.get(id=book_id)
        serializer = BookSerializer(book)
        return JsonResponse({'book': serializer.data}, safe=False, status=status.HTTP_200_OK)
    except ObjectDoesNotExist as e:
        return JsonResponse({'error': str(e)}, safe=False, status=status.HTTP_404_NOT_FOUND)
    except Exception:
        return JsonResponse({'error': 'Something terrible went wrong'}, safe=False, status=status.HTTP_500_INTERNAL_SERVER_ERROR)

User can delete a book entry by id

# ./bookstore_app/api/views.py

...

@api_view(["DELETE"])
@csrf_exempt
@permission_classes([IsAuthenticated])
def delete_book(request, book_id):
    user = request.user.id
    try:
        book = Book.objects.get(added_by=user, id=book_id)
        book.delete()
        return Response(status=status.HTTP_204_NO_CONTENT)
    except ObjectDoesNotExist as e:
        return JsonResponse({'error': str(e)}, safe=False, status=status.HTTP_404_NOT_FOUND)
    except Exception:
        return JsonResponse({'error': 'Something went wrong'}, safe=False, status=status.HTTP_500_INTERNAL_SERVER_ERROR)

Having completed the views and its functionalites, we'll now add them to the api/urls.py file.

# ./bookstore_app/api/urls.py

from django.urls import include, path
from . import views

urlpatterns = [
  ...
  path('getbooks', views.get_books),
  path('addbook', views.add_book),
  path('updatebook/<int:book_id>', views.update_book),
  path('deletebook/<int:book_id>', views.delete_book)
]

Now, let's get our environment and Django server started. To access the manage.py file, you have to be in the django project bookstore_app directory.

$ cd bookstore_app
$ pipenv shell
$ python manage.py runserver

You can use Postman to test with the same JSON properties, but I'll be using curl.

Let the tests begin 😀

Register a new user

To create a user, we will be making a POST request to localhost:8000/registration/ and passing fields username, password1, password2, you may choose to pass an email field but that is optional.

> Request

$ curl -X POST -H "Content-Type: application/json" -d '{"username":"testuser", "password1":"testpassword", "password2":"testpassword"}' localhost:8000/registration/

> Response:
   {"key":"1565c60a136420bc733b10c4a165e07698014acb"}

You also get an authentication token after a successful login localhost:8000/login/ passing fields username and password. To test the rest of the endpoints, we need to prove to the server that we are valid authenticated users. So to do this we'll set the token we got after registration to the Authorization property in the Headers dict prefixing the actual token with Token.

Authorization: Token 1565c60a136420bc733b10c4a165e07698014acb

Add a new book
To add a book, we make a POST request to localhost:8000/api/addbook passing fields title, description, author(id of an author we had earlier created)

> Request
$ curl -X POST -H "Authorization: Token 1565c60a136420bc733b10c4a165e07698014acb" -d '{"title":"CRUD Django", "description":"Walkthrough for CRUD in DJANGO", "author": 1}' localhost:8000/api/addbook 

> Response
   {"book": {
       "id": 1, 
       "title": "CRUD Django", 
       "description": "Walkthrough for CRUD in DJANGO", 
       "author": 1, 
       "added_by": 2, 
       "created_date": "2020-02-29T21:07:27.968463Z"
     }
   }

Get all books
To get all books, we'll make a GET request to localhost:8000/api/getbooks. This will give us a list of all book that has been added by the currently logged in user.

> Request
$ curl -X GET -H "Authorization: Token 9992e37dcee4368da3f720b510d1bc9ed0f64fca" -d '' localhost:8000/api/getbooks

> Response
{"books": [
      {
        "id": 1, 
        "title": "CRUD Django", 
        "description": "Walkthrough for CRUD in DJANGO", 
        "author": 1, 
        "added_by": 2, 
        "created_date": "2020-02-29T21:07:27.968463Z"
       }
    ]
 }

Update a book-entry by id
To update a book, we make a PUT request passing the id of the book we want to update as a parameter on the URL to localhost:8000/api/updatebook/<id> passing fields the fields you want to alter.

> Request
$ curl -X PUT -H "Authorization: Token 9992e37dcee4368da3f720b510d1bc9ed0f64fca" -d '{"title":"CRUD Django Updated V2", "description":"Walkthrough for CRUD in DJANGO", "author": 1}' localhost:8000/api/updatebook/1

> Response
{"book": {
    "id": 1, 
    "title": "CRUD Django Updated V2", 
    "description": "Walkthrough for CRUD in DJANGO", 
    "author": 1, 
    "added_by": 2, 
    "created_date": "2020-02-29T21:07:27.968463Z"
  }
}

Delete a book-entry by id
To delete a book, we make a DELETE request passing the id of the book we want to delete as a parameter on the URL to localhost:8000/api/deletebook/<id>

> Request
$ curl -X DELETE -H "Authorization: Token 9992e37dcee4368da3f720b510d1bc9ed0f64fca" -d '' localhost:8000/api/deletebook/1

Hurray🎉🎉, we have a fully functional CRUD Django REST API. If you are testing using postman you might run into an error response { "detail": "CSRF Failed: CSRF token missing or incorrect." }, clearing Cookies on Postman will fix the issue.

All our code for the last two(2) posts and this post:

resides in this Github repository, Bookstore Django REST API

Thank you for reading. 😃

Adding Authentication to a REST Framework Django API

Noble Obioma — Mon, 09 Mar 2020 21:25:45 +0000

In this article, we'll be adding user authentication to an already existing REST API. This is a continuation of a previous article where we built a simple Bookstore Django REST API with just one endpoint that sends a response {"message": "Welcome to the BookStore!"}.
Want to Create a simple REST API with Django?

At the end of this article,

User can register
User can log in
TokenBased Authentication
User can Logout

Let's get started 😀

First, change directory into the project and spin up our environment:

$ cd bookstore
$ pipenv shell

Now, let's add some packages to our environment that will handle our authentication:

$ pipenv install django-rest-auth django-allauth

We've added some new packages, let's make our Django app aware of these authentication packages and add some functionalities too. To do this,

# ./bookstore_app/settings.py
...
INSTALLED_APPS = [
    ...
    'rest_framework.authtoken',
    'rest_auth',
    'django.contrib.sites',
    'allauth',
    'allauth.account',
    'rest_auth.registration',
]

Because Django tries to send an email e.g when a user creates an email account, we need to add a little config EMAIL_BACKEND and SITE_ID to the settings.py file. This prints the email to be sent to the console.

# ./bookstore_app/settings.py
...
INSTALLED_APPS = [
    ...
]

EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
SITE_ID = 1

MIDDLEWARE = [
    ...
]

...

Next, we'll add the URLs from the rest_auth package to the project's urls.py file. This gives us access to a host of auth functionalities.

User Registration - registration/
User Login - login/
User Logout - logout/
User Details - user/
Change Password - password/change/
Password Reset - password/reset/
Confirm Password Reset - password/reset/confirm/

# ./bookstore_app/urls.py

urlpatterns = [
    ...
    path('', include('rest_auth.urls')),
    path('registration/', include('rest_auth.registration.urls')),
]

After adding the URLs, let's now set some Authentication Scheme and
Permission Policies. What file are we going to be setting these?? 🤔

NICE!!!! That will be the settings.py file. Thank you for thinking about it for me. 😊

# ./bookstore_app/settings.py
...

REST_FRAMEWORK = {
    # Authentication Scheme
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ),
    # Permission Policies
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ]
}

Now, let's run our migrations:

$ python manage.py migrate

Let's add some restrictions to the welcome viewset in the views.py file so that unauthorized users would not have access.

# ./bookstore_app/api/views.py

from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt

@api_view(["GET"])
@csrf_exempt
@permission_classes([IsAuthenticated])  
def welcome(request):
    content = {"message": "Welcome to the BookStore!"}
    return JsonResponse(content)

Finally, the restriction is set and an unauthenticated user cannot have access.

Now, let's test our endpoints. We'll create a user, log in and access the welcome endpoint. You can use Postman to test with the same JSON properties, but I'll be using curl.

Registration

> Request

$ curl -X POST -H "Content-Type: application/json" -d '{"username":"testuser", "password1":"testpassword", "password2":"testpassword"}' localhost:8000/registration/

> Response:
   {"key":"1565c60a136420bc733b10c4a165e07698014acb"}

Creating a user and Logging in returns a token that can be used to uniquely identify a user so we'll skip login and use the token to access the welcome endpoint that we added the restriction to.

Welcome endpoint with Token

> Request
$ curl -X GET -H 'Authorization: Token 1565c60a136420bc733b10c4a165e07698014acb' localhost:8000/api/welcome

> Response
   {"message": "Welcome AH_Bookstore App!"}

Welcome endpoint without Token

> Request
$ curl -X GET -H '' localhost:8000/api/welcome

> Response
   {"detail":"Authentication credentials were not provided."}

Finally, our authentication works fine. Next, we'll be adding CRUD functionality to our app and creating some models.

Thank you for reading. 😊

Create a simple REST API with Django

Noble Obioma — Mon, 09 Mar 2020 21:23:47 +0000

In this article, we will be building a simple API with one endpoint that sends a response "Welcome to the BookStore" when a GET request is made to the server. The purpose is to show the bare minimum setup you need to get a Django REST API up and running.

Requirements

Basic Knowledge of Python programming language.
Python: To be able to run python(.py) files on our machine, we need to have the python compiler installed on our computer. The version should be a python3 version, you can check out the Python to download. To check if you have python installed:

$ python3 --version

Pipenv: Pipenv is a packaging tool for Python that solves some common problems associated with managing your Python dependencies. For more info, check out Pipenv. To check if you have pipenv installed:

$ pipenv --version

Let's get started!! 😀

First, let's create a directory for our app then change directory into the new folder:

$ mkdir bookstore
$ cd bookstore

Next, we'll spin up an environment using pipenv:

$ pipenv shell

If your environment was started correctly, depending in the terminal you are on, it will look something like this:

(env-name) user@user:~/Documents/bookstore$

For us to build an app using Django we have to install the Django framework in our environment:

$ pipenv install django

Next, let's create our Django Project. We'll use the django-admin tool which will generate the project folder, basic file templates, and project management script (manage.py).

$ django-admin startproject bookstore_app

Voila!! 🤩, that's all you need to have a Django server running. So to test the server, we'll change directory into the newly created Django project and run the server.

$ cd bookstore_app
$ python manage.py runserver

To see all the possible scripts you can use on the manage.py file, in the project directory run:

$ python manage.py --help

If you are using a zsh terminal, double-tap the TAB key after typing python manage.py. It prints a more descriptive list of available scripts.

Now that we have Django server ready, it's time to set our server up to be able to respond to requests and to do this we'll be using the Django Rest Framework.

Let's add this powerful toolkit to our environment:

$ pipenv install djangorestframework

One thing I love about Django is that it encourages breaking our web app
components into separate applications, which could be re-used in different projects if need be. I prefer to call it Plug 'n' Play😀. Now, let's create an app called api where we will be coding up the different endpoints for this project (but we are concerned with one for now 😀). We'll be utilizing the manage.py file already generated when we created a project.
N/B: The name of the app could be anything, so long as they are not reserved words.

To create an app, run:

$ python manage.py startapp api

This generates a folder api in the project folder bookstore_app that contains some boilerplate files and code. Now, we have to make the project aware of the new app we just created and the Django Rest framework toolkit we installed earlier.
To do this, we'll open the settings.py file in the project directory bookstore_app and add the name of the app api and rest_framework to a list of already existing app INSTALLED_APPS.

# ./bookstore_app/settings.py
...
INSTALLED_APPS = [
    ...
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'api',
    'rest_framework',
]

Now we are at the point of creating some views. On the views.py file in the api app, we'll be writing out the functionality GET request to return with a response "Welcome to the BookStore!".

# ./bookstore_app/api/views.py

from django.http import JsonResponse
from rest_framework.decorators import api_view

@api_view(["GET"])
def welcome(request):
    content = {"message": "Welcome to the BookStore!"}
    return JsonResponse(content)

That is all with the functionality, w are just left with adding the api app URLs to the project bookstore_app URLs. First, let's add a url that will call on this function we just created.

Let's create a urls.py file in the api folder

$ cd api
$ touch urls.py

In the api/urls.py file, let's add the welcome path

# ./bookstore_app/api/urls.py

from django.urls import include, path
from . import views

urlpatterns = [
  path('welcome', views.welcome)
]

And also, include the api URLs in the project's URLs

# ./bookstore_app/urls.py

from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('api/', include('api.urls')),
]

Annnnnnnndddd!!! We are done!! 🕺💃

Before we get the server started, let's run migrations first.

$ python manage.py migrate

Now the migration is done, let's fire up the server 🚀

$ python manage.py runserver

To test, make a GET request to the server on Postman with URL http://127.0.0.1:8000/api/welcome or visiting the URL on the browser.

I am really glad you got to this point. At this point, our server does not do much. Next, we will be adding authentication to our server.

Thank you for reading 😀