Django Rest Framework Cookiecutter

A Production ready project that aims to kickstart building API based internal tools for business.

Features

• For Django 4.1

• Works with Python 3.11

• python-decouple based settings

• Folder based settings structure

• Secure by default.

• Optimized development and production settings

• Authentication via djangorestframework-simplejwt

• Comes with custom user model ready to go

• Media storage using nginx

• 2FA Built in using django-otp

• Custom login middleware to login using email or phone number

• Logging built in using django-auditlog

• Cors headers built in using django-cors-headers

• Minimal Device detection management using a custom model via django-user_agents

• Standardized API error response format using drf-standardized-errors

• Custom SMS, Email templates ready to use

• Twilio integration

• Custom email handler

• Throttling built in

• Password reset endpoints built in

• Ready to use Account management endpoints (Users, Groups, Permissions, etc.)

• Ready to use Auth endpoints (Login, Logout, 2FA, Reset Password etc.)

• 43 endpoints ready to use

• Optimized ModelViewSet for all endpoints that includes

  • Authentication
  • Permissions
  • Filters
  • Pagination
  • Custom queryset for ORM optimized ?fields parameter

• Custom pagination

• OpenAPI documentation ready using drf-spectacular.

• Email login notifications for unrecognized devices

Requirements

Python 3.7 to 3.11 supported. Django 3.2 to 4.2 supported.

2FA Overview

2FA is enabled by default for all options 'SMS', 'EMAIL', 'TOTP' devices .

Workflow

Usage

First, clone drf-cookiecutter

git clone https://github.com/Rakanhf/drf-cookiecutter.git

Optional : Rename project from mainbrain to your desired name

Secondly :

pip install -r requirements-dev.txt

Thirdly :

• Generate a secret key follow this tutorial
• Rename .env.sample to .env and fill in the variables

Finally :

python manage.py runserver

Amazing! now just run the server and it's all done :)

Configuration

OTP_DEVICE_CLASSES: dict

Adding the desired 2FA methods Example:

OTP_DEVICE_CLASSES = {
	"totp": "otp_totp.TOTPDevice",
	"email": "authentication.CustomEmailDevice",
}

RESET_PASSWORD_URL: str

Add the dashboard rout URL Example:

RESET_PASSWORD_URL = "http://localhost:3000/auth/reset-password/"
# Link output :
# http://localhost:3000/auth/reset-password/{Token-Here}

OTP_SMS_BODY_TEMPLATE: str, OTP_EMAIL_BODY_TEMPLATE: str

This is the location of the body template for the sms, email Example:

OTP_SMS_BODY_TEMPLATE = os.path.join(BASE_DIR, "core/templates/emails/auth/sms_otp.html")

API Docs

I have included the openapi schema so you can use it with your personal favorite API docs framework .

• Swagger UI

http://127.0.0.1:8000/docs/

• Redoc UI

http://127.0.0.1:8000/docs/redoc/

Testing

This project uses coverage to measure the code coverage of the tests.

coverage run --omit='*/.venv/*' manage.py test

Notes

• There is no built in registration endpoint since the aim of this project is accelerate building of internal tools and in many cases the users get created by the superuser instead.