Hi all , I have applied for the project mentioned on the ideas page *Authenticated REST-API in Postorius/Django - *[0] So as per the Project idea, I have been doing some research on my end figuring out what would be the best way to achieve this. Since Postorius is based on Django , I have been trying Django specific solutions to serve the functionality currently offered by the Postorius web interface in the form of RESTful API's. As of now , I have been working on two different Django based frameworks to build RESTful APIs.
1. Django-REST-Framework 2. Django-Tastypie Initially , I was familiar with tastypie and I was strongly considering to use Tastypie only for this project. However after some advice from Richard , I am trying to be more flexible and I am trying to evaluate both the frameworks separately. At the moment I am going through Tastypie Documentation and resources , as I am yet to figure out how to use it with Non-ORM data resources precisely how to integrate it into postorius so I can serve the APIs . I would be glad , if I could get some more help on this. Secondly with the django-rest-framework , I tried certain approach [2] which firstly helped me in integrating the data served by the Mailman Core REST server and relay it via HTTP using the django-rest-framework. I don't know if this is the right approach to the project , but let me try to explain : Since Django-rest-framework has following concept : It provides serializers to convert complex data into python native data type and which could be easily rendered into json. Then these data sets could be structured and served with the class based views. So lets say if I want to GET localhost:8001/ postorius/settings/domains/index I tried took the following approach : # Serializer class MailmanSerializer(serializers.Serializer): mail_host = serializers.CharField(max_length=200) url_host = serializers.CharField(max_length=200) contact_add = serializers.CharField(max_length=200) description = serializers.CharField(max_length=200) # model class MailmanObject(object): def __init__(self, field ,field2 , field3, field4): self.mail_host = field self.url_host = field2 self.contact_add = field3 self.description = field4 And my Views is something like this : #Views class ApiView(generics.ListCreateAPIView): serializer_class = MailmanSerializer def all(self, request, *args, **kwargs): dict = [] dictb = [] dictc = [] dictd = [] for i in client.domains: dictc.append(i.mail_host) dict.append(i.base_url) dictb.append(i.contact_address) dictd.append(i.description) listObj = MailmanObject(field=dictc,field2= dict,field3=dictb, field4=dictd) serializer = self.serializer_class(listObj) return Response(serializer.data) and when I make curl -X GET http://127.0.0.1:8000/postorius/api/settings/domains/index/<http://127.0.0.1:8000/postorius/api/settings/domains/index/> *HTTP 200 OK* *Vary:* Accept *Content-Type:* text/html *Allow:* HEAD, GET, POST, OPTIONS {"mail_host":["aregee.com","rahulgaur.info"],"url_host":["aregee.net","rahulgaur.net"],"contact_add":["postmas...@aregee.com","postmas...@rahulgaur.info"],"description":["mail list","mail_list"]} Please let me know If I am working in the right direction and also do point out what are the things I have been overlooking in my approach. I can also use some help in evaluating which of the two frameworks would be suitable for the project. I would be glad if I can more insight on what are the technicals skills I need to focus and some reading recommendations for gaining better insight to complete this project successfully. I am also reading Leonard Richardson's and Sam Ruby's O'Reilly book on RESTful Web Services as recommended by Barry. Now about the authentication part , what would be the best possible solution for providing authentication ? There have been lot of debate on this topic already , I don't want to add more complexities but I would like to know what would be the most workable way of providing authentication for the starters.Maybe we can consider a different approach over the summer. Also there has been a discussion on "Architecture for extra profile info" , wouldn't this feature would be helpful in providing specific set of permission for what part of data can be accessed by authenticated API users ? Would it be more along the lines that any authenticated restful api user would be able to access all the resources offered by public facing RESTful API ? Another thing I have been considering , what would be the end deliverables of this project , what I mean to say is will the Public facing RESTful API be offering functionality currently possible with postorius via RESTful APIs or it should also include more features ? *Stephen Turnbull* May 2, 2013, 7:23 p.m.<http://www.google-melange.com/gsoc/proposal/review/google/gsoc2013/argee/26002#c42002> > > This proposal is very complete. It will take some time to evaluate the > proposal as a whole. But I am still concerned that the proposal seems to > propose a new API to be offered by Postorius. Postorius is already > designed as a client of the core REST API, it seems to me that it would be > more useful to improve the core API rather than relay via Postorius into a > new API. > Steve mentioned the following on melange , maybe we can discuss more on this. As I have already mentioned , I based my proposal upon the idea of introducing the authenticated public facing RESTful API's in Postorius so most of my approach has been Django centric. I have just done with my college practicals and end semester exams would commence from 17th of may up till 31st of may and I would have lot of free time after that. I can still dedicate a week and look into this topic , if this is the actual requirement of the project rather than relaying the core api via postorius into a new api. Thanks & Regards, Rahul ------------------------------------------------------------------------------------------------------- *Rahul Gaur* *irc : iamaregee2* *web: *http://www.rahulgaur.info* * *blogs : *aregee.wordpress.com , <http://sanencynicalwriter.wordpress.com/> http://sanencynicalwriter.wordpress.com/ *fb:* http://facebook.com/iamaregee *github: *https://github.com/aregee _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9