Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Django RESTQL is a python library which allows you to turn your API made with Django REST Framework(DRF) into a GraphQL like API. With Django RESTQL you will be able to
Send a query to your API and get exactly what you need, nothing more and nothing less.
Control the data you get, not the server.
Get predictable results, since you control what you get from the server.
Get nested resources in a single request.
Avoid Over-fetching and Under-fetching of data.
Write(create & update) nested data of any level in a single request.
Isn't it cool?.
Want to see how this library is making all that possible?
Check out the full documentation at https://yezyilomo.github.io/django-restql
Or try a live demo on Django RESTQL Playground
pip install django-restql
Using Django RESTQL to query data is very simple, you just have to inherit the DynamicFieldsMixin
class when defining a serializer that's all.
from rest_framework import serializers
from django.contrib.auth.models import User
from django_restql.mixins import DynamicFieldsMixin
class UserSerializer(DynamicFieldsMixin, serializer.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'email']
Django RESTQL handle all requests with a query
parameter, this parameter is the one used to pass all fields to be included/excluded in a response. For example to select id
and username
fields from User model, send a request with a query
parameter as shown below.
GET /users/?query={id, username}
[
{
"id": 1,
"username": "yezyilomo"
},
...
]
Django RESTQL support querying both flat and nested resources, so you can expand or query nested fields at any level as defined on a serializer. In an example below we have location
as a nested field on User model.
from rest_framework import serializers
from django.contrib.auth.models import User
from django_restql.mixins import DynamicFieldsMixin
from app.models import GroupSerializer, LocationSerializer
class LocationSerializer(DynamicFieldsMixin, serializer.ModelSerializer):
class Meta:
model = Location
fields = ['id', 'country', 'city', 'street']
class UserSerializer(DynamicFieldsMixin, serializer.ModelSerializer):
location = LocationSerializer(many=False, read_only=True)
class Meta:
model = User
fields = ['id', 'username', 'email', 'location']
If you want only country
and city
fields on a location
field when retrieving users here is how you can do it
GET /users/?query={id, username, location{country, city}}
[
{
"id": 1,
"username": "yezyilomo",
"location": {
"contry": "Tanzania",
"city": "Dar es salaam"
}
},
...
]
You can even rename your fields when querying data, In an example below the field location
is renamed to address
GET /users/?query={id, username, address: location{country, city}}
[
{
"id": 1,
"username": "yezyilomo",
"address": {
"contry": "Tanzania",
"city": "Dar es salaam"
}
},
...
]
You can do a lot with Django RESTQL apart from querying data, like
Full documentation for this project is available at https://yezyilomo.github.io/django-restql, you are advised to read it inorder to utilize this library to the fullest.
Django RESTQL Play Ground is a graphical, interactive, in-browser tool which you can use to test Django RESTQL features like data querying, mutations etc to get the idea of how the library works before installing it. It's more like a live demo for Django RESTQL, it's available at https://django-restql-playground.yezyilomo.me
python runtests.py
We welcome all contributions. Please read our CONTRIBUTING.md first. You can submit any ideas as pull requests or as GitHub issues. If you'd like to improve code, check out the Code Style Guide and have a good time!.
FAQs
Turn your API made with Django REST Framework(DRF) into a GraphQL like API.
We found that django-restql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.