context in nested serializers django rest framework

Ok i found a working solution. I replaced the ChildSerializer assignment in the Parent class with a SerializerMethodField which adds the context. This is then passed to the get_fields method in my CustomModelSerializer: class ChildSerializer(CustomModelSerializer): class Meta: fields = (‘c_name’, ) model = Child class ParentSerializer(CustomModelSerializer): child = serializers.SerializerMethodField(‘get_child_serializer’) class Meta: model = Parent fields … Read more

Pass request context to serializer from Viewset in Django Rest Framework

GenericViewSet has the get_serializer_context method which will let you update context: class MyModelViewSet(ModelViewSet): queryset = MyModel.objects.all() permission_classes = [DjangoModelPermissions] serializer_class = MyModelSerializer def get_serializer_context(self): context = super().get_serializer_context() context.update({“request”: self.request}) return context For Python 2.7, use context = super(MyModelViewSet, self).get_serializer_context()

What’s the appropriate HTTP status code to return if a user tries logging in with an incorrect username / password, but correct format?

If you are strictly using the HTTP authentication framework provided by RFC 7235 for your REST API, the correct HTTP code would actually be 401. From the RFC: The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource. The server generating a … Read more

Logging requests to django-rest-framework

I made a generic RequestLogMiddleware that can be hooked into any Django View using decorator_from_middleware. request_log/middleware.py import socket import time class RequestLogMiddleware(object): def process_request(self, request): request.start_time = time.time() def process_response(self, request, response): if response[‘content-type’] == ‘application/json’: if getattr(response, ‘streaming’, False): response_body = ‘<<<Streaming>>>’ else: response_body = response.content else: response_body = ‘<<<Not JSON>>>’ log_data = { … Read more

Django Python rest framework, No ‘Access-Control-Allow-Origin’ header is present on the requested resource in chrome, works in firefox

Install the cors-headers package with pip install django-cors-headers Adds to your installed apps INSTALLED_APPS = [ … ‘corsheaders’, … ] Add on your MIDDLEWARE remember to add as being the first in the list MIDDLEWARE = [ ‘corsheaders.middleware.CorsMiddleware’, ‘django.middleware.common.CommonMiddleware’, … ] Before installed apps put this configuration for anyone to access CORS_ORIGIN_ALLOW_ALL=True Or create a … Read more

CSRF validation does not work on Django using HTTPS

Django 4.0 and above For Django 4.0 and above, CSRF_TRUSTED_ORIGINS must include scheme and host, e.g.: CSRF_TRUSTED_ORIGINS = [‘https://front.bluemix.net’] Django 3.2 and lower For Django 3.2 and lower, CSRF_TRUSTED_ORIGINS must contain only the hostname, without a scheme: CSRF_TRUSTED_ORIGINS = [‘front.bluemix.net’] You probably also need to put something in ALLOWED_HOSTS…