REST API

[tarxvftech]

Make a minimal REST API allowing the creation of DuplexFrequencyPairs and Repeaters using the Django Rest Framework. The API should be public for viewing, but require a logged in session or (later?) some kind of token. Django Rest Framework has a lot of this pre-built, use the standard tools as much as possible. Make recommendations for future work on API tokens and rate limiting anonymous clients.

[Josephtobi]

can i jump on this?

[Josephtobi]

checking the models i can create drf post views that post the request to the models and using jwt tokens to verify users

[tarxvftech]

All yours! :D

[Josephtobi]

rest framework setup only issue now is should i worry about how the authentication happens or i should just use the default is login permission class of drf

[tarxvftech]

What do you think about these kinds of permissions?:

• Authenticated API users can create new repeaters (making them the 'owner' of that repeater), but
• edits for a repeater or its associated data are restricted to the owners of that repeaters (or staff users), and
• anyone can view any repeater data, even unauthenticated users.

[Josephtobi]

sounds like the default basicauthentication with GET list view accessible to everyone POST needing logged in user PUT using the owner field to verify

my issue is i dont see any user management system both for django and my drf

[Josephtobi]

should i build with the impression they would be built later ( wont mind creating a pr for that )

[tarxvftech]

Yeah, we're quite barebones still. Feel free to mock/skeletonize/document any dependencies that don't exist yet and it'll be a problem for another day, or potentially another PR like you suggest :)

So far I've been using the built-in django /admin for user management. If something more user management is truly needed, use your best judgement as to what's still in scope for the issue and what should be removed and tabled for later or another PR. :grin: