Post

[Understanding APIs] Caching, Layered Architecture, and Authentication in Django

Posted Updated
By Joe 2 min read

Coursera

1. Caching

  • Caching is a technique of serving saved results instead of creating a fresh one every time it is requested

  • Caching can be implemented at various levels : Reverse Proxy Server , Web Server , Database

2. Layered Architecture

  1. Visitor

    The client or User accessing the DRF, and initiates a request to interact with the API and retrieve or manipulate data

  2. Firewall

    Act as a security layer, protecting the DRF from unauthorized access and potentical threats

  3. Reverse Proxy Server

    It serves as an intermediary between the client and the web server. It receives requests from the client and distributes them to the appropriate web server based on factors (load balancing, caching)

  4. Web Server

    Handling HTTP requests from the client and generating responses. It processes the incoming request, and retrieves or manipulates data from the database servers

  5. Database Server

    The database servers store and manage the data needed for the DRF. Handle storage, retrieval, and manipulation operations based on the requests received from the web server

3. Pagination

  • Allows for the division of large sets of data into smaller, more manageable chunks, commonly referred to as pages

  • Without using Pagination, the client will get 1000 orderes every time when they actually only need the latest 10 orders → Wasted

  • Example : 5 items in One page (best practice)

    http://localhost:8000/api/menu-items/?perpage=5&page=1

4. API throttling

  • To prevent API abuse, two major type of throttling

  • anonymous or unauthenticated user

  • authenticated user

    1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

      from rest_framework.response import Response
  from rest_framework import viewsets 
  from .models import MenuItem 
  from .serializers import MenuItemSerializer

  class MenuItemsViewSet(viewsets.ModelViewSet):
      queryset = MenuItem.objects.all()
      serializer_class = MenuItemSerializer

      def get_throttles(self):
          if self.action == 'create':
              throttle_classes = [UserRateThrottle]
          else:
              throttle_classes = []
          return [throttle() for throttle in throttle_classes]

5. Bearer Token

  • A type of access token used in token-based authentication system

  • It includes in the Authorization header of an HTTP request and prefix Bearer

  • The actual token value can be a JWT or any other token format

6. JWT

  • It is a specfic implementation of a bearer token

  • JWTs consist of three parts (header, payload, and signature)

7. Djoser

  • Django library that provides a set of ready-to-use views, serializers, and authentication endpoints

  • Djoser supports various authentication methods (JWT)

Coursera
python django
This post is licensed under CC BY 4.0 by the author.