In today’s digital age, developing robust and secure web applications is essential. Django, one of the most popular frameworks for Python, offers powerful tools to build web applications efficiently. In this article, we will explore how to create a Django REST API that supports file uploads and user authentication. You will learn how to implement a system that allows users to register, log in, and securely upload files, thereby enhancing your application’s interactivity and functionality. Let’s embark on this journey to turn your ideas into reality!

Introduction

In this tutorial, you will learn how to create a Django REST API that supports user authentication and file uploads. This API will allow users to register, log in, and upload files securely.

Prerequisites

Before we start, ensure you have the following installed on your system:

  • Python (version 3.6 or higher)
  • pip (Python package manager)

Step 1: Setting Up Your Django Project

1.1 Install Django and Django REST Framework

Start by installing Django and Django REST Framework using pip. Open your terminal and run:

pip install django djangorestframework

1.2 Create a New Django Project

Create a new Django project by running the following commands:

django-admin startproject myproject
cd myproject

1.3 Create a New Django App

Within your project, create a new app where we will implement the API:

python manage.py startapp myapp

1.4 Configure Your Project Settings

Open myproject/settings.py and add 'myapp' and 'rest_framework' to the INSTALLED_APPS list:

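INSTALLED_APPS = [
    ...
    'rest_framework',
    # Provides the token table behind the "Authorization: Token <your_token>" header used in Step 6
    'rest_framework.authtoken',
    'myapp',
]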

Step 2: User Authentication

2.1 Create a User Serializer

In myapp/serializers.py, create a serializer for the User model to handle user data:

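from django.contrib.auth.models import User
from rest_framework import serializers

class UserSerializer(serializers.ModelSerializer):
    # write_only accepts the password on registration but never returns it in a response
    password = serializers.CharField(write_only=True)

    class Meta:
        model = User
        fields = ['id', 'username', 'email', 'password']

    def create(self, validated_data):
        # create_user() hashes the password; the default create() would store it unhashed
        return User.objects.create_user(**validated_data)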

2.2 Create Authentication Views

In myapp/views.py, implement views for user registration and login:

from django.contrib.auth.models import User
from django.contrib.auth import authenticate
from rest_framework import generics
# Token needs 'rest_framework.authtoken' in INSTALLED_APPS, followed by "python manage.py migrate"
from rest_framework.authtoken.models import Token
from rest_framework.response import Response
from rest_framework.permissions import AllowAny
from .serializers import UserSerializer

class RegisterView(generics.CreateAPIView):
    queryset = User.objects.all()
    serializer_class = UserSerializer
    permission_classes = [AllowAny]

class LoginView(generics.GenericAPIView):
    permission_classes = [AllowAny]

    def post(self, request):
        username = request.data.get("username")
        password = request.data.get("password")
        # authenticate() verifies the password hash and returns None on failure
        user = authenticate(username=username, password=password)
        if user is not None:
            # Issue (or reuse) the token the client sends as "Authorization: Token <your_token>"
            token, _ = Token.objects.get_or_create(user=user)
            return Response({"message": "Login successful", "token": token.key})
        return Response({"message": "Invalid credentials"}, status=400)

2.3 Set Up URLs

In myapp/urls.py, define URLs for the registration and login views:

from django.urls import path
from .views import RegisterView, LoginView

urlpatterns = [
    path('register/', RegisterView.as_view(), name='register'),
    path('login/', LoginView.as_view(), name='login'),
]

Then, include these URLs in your main myproject/urls.py:

from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('api/', include('myapp.urls')),
]

Step 3: File Upload Functionality

3.1 Create a File Upload Serializer

In myapp/serializers.py, add a serializer to handle file uploads:

from rest_framework import serializers

class FileUploadSerializer(serializers.Serializer):
    file = serializers.FileField()

3.2 Create a File Upload View

Add a view in myapp/views.py to handle the file upload:

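from rest_framework.authentication import TokenAuthentication
from rest_framework.views import APIView
from rest_framework.permissions import IsAuthenticated
from .serializers import FileUploadSerializer

class FileUploadView(APIView):
    # DRF's default authenticators are session and basic auth; the "Authorization: Token"
    # header is only honoured with TokenAuthentication ('rest_framework.authtoken' must be installed)
    authentication_classes = [TokenAuthentication]
    permission_classes = [IsAuthenticated]

    def post(self, request):
        serializer = FileUploadSerializer(data=request.data)
        if serializer.is_valid():
            file = serializer.validated_data['file']
            # Handle the file (e.g., save it)
            return Response({"message": "File uploaded successfully"})
        return Response(serializer.errors, status=400)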
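
The view above accepts any file the client sends. One way to check an upload before storing it, as an added example that is not part of the original tutorial: the allow-list, the 5 MiB cap and the names check_upload and storage_name are assumptions, and the logic is kept framework-free so it runs without Django.

```python
import os
import uuid

# Assumed policy for this example: adjust the allow-list and the cap to your application.
MAX_UPLOAD_BYTES = 5 * 1024 * 1024
# extension -> leading bytes ("magic number") the content must start with
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}


def check_upload(client_name, size, head):
    """Return a list of policy violations; an empty list means the upload is acceptable."""
    errors = []
    ext = os.path.splitext(client_name)[1].lower()
    if size <= 0:
        errors.append("empty file")
    if size > MAX_UPLOAD_BYTES:
        errors.append("file larger than %d bytes" % MAX_UPLOAD_BYTES)
    signatures = ALLOWED_TYPES.get(ext)
    if signatures is None:
        errors.append("extension %r not allowed" % ext)
    elif not head.startswith(signatures):
        # The extension is client-controlled; the content has to agree with it.
        errors.append("content does not match extension %r" % ext)
    return errors


def storage_name(client_name):
    """Build a server-chosen name; only the allow-listed extension survives from the client."""
    ext = os.path.splitext(client_name)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise ValueError("extension not allowed")
    return "uploads/%s%s" % (uuid.uuid4().hex, ext)


# Constructed sample inputs: (client file name, size in bytes, first bytes of the content)
SAMPLES = [
    ("report.pdf", 1200, b"%PDF-1.7\n"),
    ("setup.exe", 40, b"MZ\x90\x00"),
    ("photo.png", 300, b"<html><script>"),
    ("big.jpg", MAX_UPLOAD_BYTES + 1, b"\xff\xd8\xff\xe0"),
]

if __name__ == "__main__":
    for name, size, head in SAMPLES:
        print(name, check_upload(name, size, head) or "ok")
```

In the tutorial's FileUploadSerializer this would be called from a validate_file method, passing file.name, file.size and the first bytes of the file (read them, then seek(0)), and raising serializers.ValidationError when the list is non-empty.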

3.3 Set Up File Upload URLs

Update myapp/urls.py to include the file upload endpoint:

from .views import FileUploadView

urlpatterns += [
    path('upload/', FileUploadView.as_view(), name='file-upload'),
]

Step 4: Configure Media Settings

4.1 Update Settings for Media Files

In myproject/settings.py, configure media settings to handle file uploads:

import os  # place with the other imports at the top of settings.py

MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')

4.2 Serve Media Files in Development

Update myproject/urls.py to serve media files during development:

from django.conf import settings
from django.conf.urls.static import static

urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

Step 5: Run Your Server

Before running your server, apply migrations:

python manage.py migrate

Now start the server:

python manage.py runserver

Step 6: Testing the API

You can use tools like Postman or cURL to test your API endpoints.

6.1 Register a User

Send a POST request to register a user:

POST /api/register/
{
    "username": "testuser",
    "email": "testuser@example.com",
    "password": "password123"
}

6.2 Log In

Send a POST request to log in:

POST /api/login/
{
    "username": "testuser",
    "password": "password123"
}

6.3 Upload a File

Once logged in, you can upload a file:

POST /api/upload/
Authorization: Token <your_token> 
Content-Type: multipart/form-data
{
    "file": <your_file>
}

Conclusion

Congratulations! You have successfully built a Django REST API that includes user authentication and file upload functionality. You can now extend this API by adding more features such as JWT authentication, file storage solutions, or additional endpoints to enhance its capabilities.