**Building an API with Django and Python**

We're calling the API auth to get a token. There we go. Token, it works. I'm going to zoom in each time. I know it's small. I do apologize, but at least you've got instructions. You've got the code. Next, we want to check and get all of the items. Remember, this is the domain. The endpoint is item. That is a retrieve all. We're getting all items in the database, providing we send through the token back into Docker, drop it in there. And I expect to see two items. We've got two in the database. Now what happens if I remove the header with the authentication token?

There you go. Not authenticated. Perfect. That's exactly what we want to see. Next, we want to retrieve one item that we have in the database. There we go. Pass through the UID, and it gets a single retrieved one item. Well, so we got this, got retrieve all orders. Yeah, we can look at that one. Back to Docker, retrieve all orders. We've got two. We haven't got any orders in the database. Let's make an order, shall we? Your UID authentication.

This will place an order for item ID. Sorry, I'm moving around on this. I probably should have looked right. If I change that, this will retrieve all orders. This will retrieve a single item. This will place an order for an item. Let's place an order for an item, shall we? Sorry, not handy when you're making a video. What is this doing?

We're calling HTTP. We're calling the order endpoint. We're passing through an authentication token. Then we create an adjacent data type, and we send it through the ID of the item and a quantity. I know that we've got the stock of one. Let's copy that. We'll drop that in here. That will create an order. If I do that again and change the quantity to 1,000, I know we don't have a stock of 1,000. That should say there is not enough stock. Remember, we're validating that. If there's not enough stock, we're raising an exception.

Brilliant. Now we can call the... I'm seeing the trouble with Docker. You can't press up and get your previous. Let's check all orders, and then I won't keep you on here any longer because you can do this in your own time. We should now see one order, right? There we go. Brilliant. That is exactly what I wanted to see. Just zoom in.

Again, we added an order of one, remember, and retrieved it. I also showed you... Where is it? Where is it? Where is it? There we go. What I'll do, I'll create another order just quickly, and I'll create that with five. I believe we've got enough stock. There is. We will then get all of our orders with this one here. Copy, back in the Docker. Drop it in there. It should now have two. Perfect. That's exactly what I wanted to see.

**Conclusion**

That is it. That is the end of the course. Let's just recap quickly. What have we done? We've gone through eight modules. The first two modules were all about getting the code, configuring a Django project, essentially. Nice and easy stuff. We created a core app with a contact endpoint, a normal model serializer, and we've just got a post request. We're using an API view, which is similar to a Django class view. Brilliant.

We've then invoked or added token authentication to the project, created an e-commerce app with an item and an order endpoint with permission classes. Only those that have got an authentication approval can view, retrieve, create information. We have now created a very, very good, not production ready, API, but it's a good API that you can use and hopefully refactor and use it in your own project.

Now, I'd just like to thank everyone for watching. If you like this content, then please visit DidCoding and you'll see many more videos like this on my channel. Like this video on FreeCodeCamp and add a comment because I do get to see those comments. Comments from previous courses on FreeCodeCamp really has led to me building some other courses and tutorials.

Just before I close the video out, I just would like to thank FreeCodeCamp one more time just for allowing me to create this course and for them to post it on their channel. Keep up the good work, keep that free content coming. Again, thank you very much and hopefully I'll be seeing you very, very soon. Bye-bye.

"WEBVTTKind: captionsLanguage: enThe Django REST framework is a flexible toolkit for building web APIs using Python.Bobby Stearman teaches this course about how to use the Django REST framework.Bobby is a senior software engineer and has created many popular tutorials.Hi everyone and welcome to this course that I'm putting together for free CodeCamp over the nexthour or so. I'll be showing you everything you need to know to build your own web APIusing Django REST framework. I'm Bobby Stearman from DigCoding and welcome to this course.Let's begin. Hi and welcome to the start of this course. So let's cover this off straight away.What is Django REST framework? Well, it's a toolkit that allows you to buildweb APIs. Okay, so think of it as a standalone API where your clients can make requests such as get,post, put, delete requests to you. Your API receives this information, it validates theinformation and it responds to the user. That's essentially what we're trying to do here. It'svery powerful. It's very popular. A lot of projects that I work on these days are using Django RESTframework. Some of the projects that I use or I work on at the minute just use Django RESTframework as a backend and then they use a react or review front end. So a single page application.Like I said, it's very popular, very powerful. That's why I decided to put this course together.It'll take me about an hour to an hour and a half to finish the course. It's made up of eightmodules. The first two modules are cloning down a repository that we've got on GitHub.And then module three onwards will be looking at building models, serializers, routers and views.Okay. By the end of this course, we will have a fully functional web API where we can makerequests to, and we will get responses. And in the background, it'll be saving information to adatabase. Okay. Each module comes with a set of instructions, so step by step guides, and this canall be found on GitHub, which I'll show you in a moment or two. I will be here following alongevery single step of the way. Like I said, at the end of this course, we'll have an app thathopefully you can then refactor and add it to your own project. Okay. So let's begin.What you can see on screen is Django REST Framework's homepage. Now this is a greatreference point for their documentation. It's got examples. It shows you how to install stuff.It's fantastic. If ever you hit a brick wall or a dead end, this is always a good place to start.Always read the docs. So I'll be referencing this a few times throughout the course.Another thing, Docker. This project is a Django project that's entirely Dockerized.So it stands to reason that it's a good idea if you have Docker and Docker Compose installed onyour local machine. That way, when you clone everything down, you can follow along with meevery single step of the way. It just makes it a lot easier when putting a course like this togetherand it negates the need for prerequisites like Python and curl or HTTP on your machine.So by installing Docker, it allows you just to keep up and be a lot. It's a lot more fluid.Okay. So pause the video, install Docker and come back.Last link that I want to show you is GitHub. You do not need a GitHub account to get yourhands on this code. It's a public repository. If you don't have a GitHub account, click thegreen button here, download zip, extract the files on your local machine and you've got the code.Okay. So you don't need an account. However, if you do have an account,you have some options of cloning this repository and I'll show you those in a second.So the project is called drf underscore course. It has numerous different branches. Main is default.That's just kind of the empty box. If you like hasn't got much is the very, very bare bonesof the project. You have a complete branch. That's the complete project. And if you clone that down,you skip forward to the end of the course and you've got all of the code.I would advise you to watch the video as it's a much better way of doing a deeper dive on drf.Okay. And then you've got one module or one branch for each module. So there's eight modules in thecourse module one and module two are set up configurations and module three onwards is buildingout of the app. Okay. So these are the directories and the files, and then you've got a read me file.Okay. So bit of an intro. So welcome to the course is great if you're looking to learn drf.And it's also great if you're looking to build an API. Like I said, it's popular, it's powerful,and it really will be a good string to your bow. It does say prerequisites of Python 3.10.I do use matching case statements in this course, and only got released in Python 3.10. If you'vegot it on your local machine, great. However, the containers in Docker already have Python 3.10 inthere, so you shouldn't really need them. Also, I go on to say that you it's handy to make calls tothe API to have curl or HTTP installed on your machines that you can make calls. But again,I've got containers built in this project with it all loaded up. So you don't need to installanything. So that's why I say install Docker. Okay, let's get started. When we clone this down,we want to clone it down into a directory and you want the local machine called drf underscorecourse. That is our root directory. I reference it a lot throughout the course. So please call it bythat name. Don't call it Bobby's course, Billy's course, call it drf underscore course. It justmakes our life a lot easier. I've already got one on my machine and my text editor, which in thiscase is BS code is already open in that directory. Okay, so I've skipped that part. But if you canopen up this directory, and then take the clone code from here, I have an SSH key, you can usethis GitHub CLI if you have it or the HTTPS option. I have an SSH key. So I'll be using that.And lastly, before I open up VS code. Each of these modules are recorded individually as wellon my own YouTube channel. So if you like this course, and you like this content, then I advisehaving a look at the decoding channel and the playlist on there. Because like I say,if you like this content, you probably like the other content that I put out there. So that'sthat. I've copied over my git clone command, let's open up VS code. As you can see here,let's make it a bit bigger. I've got drf course here. And it's a instance of my VS code. So newterminal. Right click that in there, the little full stop at the end here will clone it downinto drf. I have a passphrase. So I'll pop that in there. And there we have it. Great. So whatI like about VS code is especially when you're coding in Python, and do Django apps, VS codehas a whole bunch of extensions that make it act like an ID. And it's very, very good when you'reusing Python. So I would strongly advise that you get it installed in your machine if you'refollowing along. And also, the reason I'm using markdown language for the steps is in VS code,it has a preview option. So you can actually preview that markdown. And it renders it likeit would in a web page. So this is what we get, we get a directory called backend, we get a directorycalled steps. And then we have a get ignore, we have a Docker compose file, which we need withthe firing up the project. We have a template ENV, readme file and the server PY. Don't worryabout server PY file. One of the containers that we're building in Docker is actually a Flask app.And it allows us to just to fire up another application and make requests to the API.The reason I'm using Flask is because it's, it's a lot easier to set up a Docker container usingFlask than it is Django. In this instance. So let's not worry about that too much. Let's go aheadand open up module one steps and open up as a preview. I'm hoping that's going to look okayon the screen. I'm going to close my terminal for now. There we go. So I'll say this now and notthroughout the course, each module has a start, a middle and an end, the start will show you whatyour config, your directory configuration should look like, where your files are, how they'reconfigured. When I watched previous courses to this years and years and years ago, I found thatI'll be following along and I'll be saving files in the wrong directories and wrong, the directoryto be called something slightly different. I've tried to be as thorough as possible. This is whatyour directory should look like at this present moment in time. And at the end of the file, rightat the bottom here, this is what it should look like at the end of the module. Hopefully that'sgoing to be helpful for you. And the middle part of the module is the instructions and the walk,the step by steps that I'll be walking along with you. So look, we've got a backend directory,a steps directory and a few files. So we're good to go. If you're ever in doubt and you'vecloned this down from Git and you can change and pull down the code from the module branch as itwent, and that should reconfigure things for you. Okay, steps, commands. You should now have adirectorial DRF course in your development directory. This will be known as your rootdirectory. In this module, we will be starting our project. To do this, we need to create a virtualenvironment. Now, this is Dockerized. We don't necessarily need the virtual environment whenwe've got the Dockerized project. However, I do reference some bits and pieces in the restframework directory that we're installing. Now that's all installed in Docker, but it's handyto have the virtual environment in the project also so I can open up those files. So just bearwith me. So first thing you want to do, you want to invoke this command, this Python command,and we'll open up our terminal. Make sure you're in the root directory and we're creating a virtualenvironment and we're calling it venv. I'm on a Windows machine, so to fire up that virtualenvironment, I use this command here. Okay, and how do I know it's running? I've got venvin brackets there. Can you see that? Now we can go ahead and we can install all the dependenciesof the project. I want this to be more about Django rest framework, rather than Python andpip and Django. So I've already created a requirements file, which is in backend, whichis here. It looks like this. Now when we run the following command, it will cycle throughthese and install them into our virtual environment. Okay. So go back to the module,back to the module, and we will take this command, pip install, and we'll point ittowards the requirements file in backend and it cycles through and it'll install everything.You can see one of the things we're installing is Django rest framework,Django rest framework, JSON API, and Django filters. They're all working together in this project.We also got Python dot env. This allows us to identify environment variables in a filein the project. And that way we can have secrets and API keys and things like that in here.Okay. And this is the, this is the file that we'll be using for that. Okay.This that will command at the bottom here, the bit in yellow is saying, uh-oh, you need toupgrade pip. You can do that. It's not necessary really, but let's go ahead and do that.Place that and that should go ahead and then that'll update pip and you won't see thatproblem anymore. Good. Right. Go back to module one. It's a lot easier when I'm, um, not mirroringmy screen because my text is far bigger. So I don't get to see as much. So, uh, we've installedeverything right now. We've installed Django. That's the most important one actually in thisinstance. Um, Django 4.1.3. Okay. So that's the version of Django that we've got installed byinstalling it. We now have access to the Django commands and Django admin commands. One of thosecommands we're going to use is start project. Okay. So we use Django admin, start project.I don't want to dwell too much on this because it's not a Django course. It's a Django RESTframework course. Um, there we go. What we're doing, we're starting a project and we're dumpingit in backend. We should now see this DRF course on the left hand side here. Good secrets. We wantto copy the template that comes with the course and we want to call it dot ENV. So we now havethis file here and this will be picked up in the Django project. So it's looking for a secret key.It's looking for allowed hosts. Okay. But it's already pre-configured. You don't want to worrytoo much about that. And that, when I say module one and two is all about setup, that really is.Okay. So our configuration in module one, let's close this, should now look like this. We've gotbackend. We've got a new DRF course, which is here. See that we've got an init file. We've got ASCII,WSGI URLs and settings. Okay. That comes straight out of the box when you set up a Django project.We've got a new directory called virtual ENV or VENV. If I open that up, it's got include,lib and scripts. In lib, we'll have site packages. And if you look in here, this is everything thatwe just installed. We've installed Django REST framework, loads of other stuff, but Django RESTframework is really the heart of this course. Okay. If you go in here, we've got files such asserializers. So we'll be importing this in some of the projects. Some of these classes and methodswill be calling quite a lot in this course. So we'll become familiar with this setupup soon enough. Okay. But that is the end of module one. What we'll do is we will have aquick sneak peek here of module two. So we'll close this. We're going to steps module two.And the next module we will be, we'll be setting up a new app called core and we'll be added somebits and pieces to the settings file. Okay. So that's module one. See you in the next module.Okay. This is module two. What we're going to be doing is having a look at this module two,which is in the steps directory. We'll open it up and we'll open it as a preview. And as I said,in the last module, these files are broken down as a top middle and the bottom, the top, the bottom,show you the configuration, start and finish. And a bit in the middle is all about following stepsthat we can follow along together. I know that this is correct because I just completed it inmodule one. Just make, make sure that your configuration is where it looks or what it lookslike on the screen before moving on. And if not, just pull down from get. Okay. So Django makeseasier to build better web apps more quickly with this code. That's why I love Django so much. Right.So in this module, we'll be creating a Django app. A Django app is a Python package that isspecifically intended for use in Django projects. An application may use commonDjango conventions and it's normally all bundled up. Right. So we're going to create two apps inthis project. One of them is going to be called core. The other one will be called e-commerce.We won't bother ourselves with e-commerce just yet. Let's focus on core. So this app will holdlogic around core functions of the app. In this case, it's going to be a contact us model,serializer and view. So a user can buy some information at us at an end point. We'll takethe information, we'll save it into the database. In this instance, it will be a username, an email,so a username, a first and the last name, an email and a message. And we'll store that inthe database, which is quite helpful stuff. Okay. What we want is python manage.py start app core.That is the command we're going to be using, but you need to be in the backend directory. It won'twork in DRF course because we're calling the manage.py file, which is in here. Okay. So CDbackend, and then we'll add that command here. And it should start a new app called core. You seethat we now have access to it. However, we do need to tell Django that that core is active. So we needto change some bits in the settings file. So let's take this code. I don't want to glance too muchover the steps, but I don't also don't want to read it straight from the screen. So we need tochange some settings. Okay. So there's kind of three or four parts. We need to change. Firstthing we need to do is change the imports at the top of the screen so that we can actually accessENV environment variables. We're using python.env for that. And we just need to invoke instantiateit. So we have access to it. So if we open up Django, so DRF course, and then go to settings.py.This settings file has been constructed straight from Django. Okay. So it's got no changes in thereat all. You want to change this first line or line 13 and everything about it and just paste in whatI've just copied from the module. We've still got the path except now we're importing.env.We're importing operating system, which is a Python package. And now we're instantiating.envwith load.env. Okay. It's not DRF stuff, but it just is really helpful so that we can storeinformation outside of the settings. Next thing we want to do, we want to change secret key,debugging allowed hosts. So go back in steps, pick this up and drop it over this here. And whatthat's now doing is rather than looking at the secret key that comes straight out of the box,it's looking at the secret key in the ENV file, debug out of the ENV file and the allowed hostsout of ENV, which are these here. Okay. Great stuff. You're all with me. Next, we need to tellDjango that we want to use the core app that we've just created, but also we want to useDjango extensions, which is a great package that you can install into a project. We're going to beusing Django filters and REST framework. REST framework and Django filters work together.REST framework gives us access to all of the view sets, the serializers, the routers and thingslike that. So essentially you add an installed app so we can actually use Django REST framework inthe project. So we want to copy this and we'll drop that directly in installed apps. Okay.Django extensions, again, it's not DRF, but you have a load of module abstractsand that we can just use in our models in the project to allow us to have loads offields without having to code it up and it just speeds things up. Good. Next, we need to add somespecific Django REST framework variables. Go to the bottom of the settings file. So pick it upfrom the steps file and drop it in here. Okay. So what are we creating here? We're creating avariable called REST framework. So Django REST framework is looking for this variable in thesettings file. Okay. This is taken straight from Django REST framework.org and it's kind of a basicsetup. It's a load of key value pairs in a dictionary and it just adds some bespoke settingsto the instance of Django REST framework that we're playing with. One project might want tokenauthentication, another one might want pagination, things like that. Okay. So you can see we've gotexception handlers, we've got default pass classes, renderer classes. What else have we got? We'vegot test request default format. So when we write some tests later, this is the default format ofthe data that is being sent. Okay. And we'll add to this throughout the course. So we will be doingsome token authentication in this course. You'd be pleased to know. I think that's in module five.And yeah. Okay. They are the settings. URLs. Okay. So normally when you're working with aDjango project, you do things in a certain order. So you install the packages, change your settings,add the URLs to the URL conf because some of the packages require that. And then you go about andyou create apps, models, forms, views, URLs. Okay. In that kind of order. So we'll go through that,but this is the URL conf. What I'm going to do here, so we're going to add this to URLsstraight out of the box. It wires up admin. We're not going to change that because it's handy tohave access to the built-in admin page in this course. So we'll keep it as it is, but insteadwhat we're now brought in is two things. So we've got REST framework, import routers.Think of a router in Django REST framework as a way of directing routing traffic to your API,to the correct view. Okay. That's what we're doing there. So when a request comes into an endpointthat we specify, the router will help to direct that towards the view. It works well with theURL patterns that Django uses. Okay. So that's why we're bringing this in here. You can writea bespoke router, but the default route will, for instance, if we're doing a retrieve call in aview set, it will already know to look for the primary key. Okay. So you can have a bespokerouter that will look for type and key, but you need to write that. We're not doing that in thiscourse, but that is where you would handle that kind of logic. Okay. Migrations. Lastly, we nowneed to migrate everything to a database. Now we are using the straight out of the box database.We haven't got a post-rescue database or anything in this course. So by running migrate,make migrations and migrate, we'll be creating a database file essentially, and that will appearin the project. So let's go ahead and use these two commands. Look at my terminal. You see that?We're in the correct directory backend, and we click migrate. That's exactly what we're expectingto see. In Django, in the installed apps, there's certain things here like auth and content typesand sessions that have database tables. Now we will be using auth especially. We need those tablesin our database. So we run those migrations and migrate those tables into this. This is ourtemporary database. This is not a production ready database or anything like that, but this is whatwe'll be using. So we've just done that and we can now run a local server. So we'll do that quickly.We are going to use Docker in another module, but right now let's just fire up the server. Can yousee that? And that will say everything's looking good. And if we open up my browser and go to 127,and we'll just paste it in there. Oh, that's not what I wanted to apologize. One second.I think localhost should work. Yeah, there we go. It does work. So this is exactly what we want tosee at this point. It means we have configured things exactly where we need them to be to seethe web API in our browser. You can see that we've got no endpoints at all, but the built-inhomepage, if you like, is just a basic get request. And that's why you're looking at this page.Okay. So in the next module, we will start building out our core app. So we'll build some models,serializer, some views and routers so that we can actually make a call to an endpoint andmake it all work. Good. Where are we? So that is module two. Thank you very much. I'll see you inmodule three. Okay. Module three. Let's begin. I will just close down some of the bits from thelast module. Let's go to steps, module three, and we're going to preview. Good. So module one andtwo was all about setup and config. Okay. Arguably you could skip to this point if you're really goodat Django and you know what you're doing, you can start here. It's a basic setup. So start and end.So the start configuration should look something like this, the directory configuration. We've gota core app in backend, which is good. We've got that straight out of the box stuff. Nothing fancypants in there. Got a Docker file. Don't worry about that. Got DRF, got a DBSQL Lite file,which we have. We've got it here. That's a new file. And then we've got everything else that wehad. So we're all good to go. We don't need to change anything, but if you've lost track a littlebit, you can pull down from module three from GitHub. Good to go. Right. In the last module,we wired up to one new app, should I say as a typo. What we now need to do is we need to createa contact us endpoint so a user can send their name, email, a message to our backend. What weneed is a module. This is a Django convention. So we create a module which translates to an SQLtable with fields. Okay. Okay. We need a router to direct traffic to the endpoint, to a view,and then we need a serializer to serialize data. So a serializer is similar to a Django form.So it does a lot of the heavy lifting. So a serializer is kind of a piece of code thatsits between a request coming in and the backend. Now it serializes the say JSON data into Pythondata types and then back again. So it receives information, alters that information intosomething that Python can read, validates it, does stuff in the background, and then it spitsit back to the user. That's what a serializer is doing. Very similar to a form, right? Sothat's what we need to write. And then we have a view. The view handles all of the logic. Thiswill be a view set or a API view. An API view is very similar to a normal Django class-based view.But with Django RIS framework, they have some other views that we can use as well, like APIview, view sets, and some built-in mixings that we can use as well. Okay. So let's start withmodels. Remember we do models first. So pick up the code that you can see on the screen here.Copy it, go into core, go into models, Ctrl A, Ctrl V. Okay. And then save. It will have a dodgyimport. Don't worry about that. We'll cover that off in a second. But essentially we're importingmodels from Django. And we've got some extensions. So remember Django extensions give us someabstract models that we can use. A timestamp model gives us a couple of fields like created.An activator model will give us a status field and an activated date and a deactivated date.And a deactivated date. And also we'll have a title description model. That gives us a characterfield or two character fields, text field. And the reason I'm adding those is becausethe first name and the message will be a character field and a text field.All we need to do is just direct the serializer to the correct field. And that's why I wantedto add it into the course. And then we've got a model called contact. We're inheriting somebits and pieces here, including an abstract called model. Each of the tables in this course will havea UUID as an ID field. We'll create that in a second. Got meta class, and then we're addingan email field. So this is just the models.email field. All right. So this is, this is what we'llbe adding to the serializer also. And then we've got to done the string method here, which is astring representation of the model. Again, don't need to do a deep dive on this. This is a DjangoDjango model. And this is what the database will have in it. Let's construct that abstract.So abstract models, you will notice that we're importing an abstract model. I've already spokenabout that. We're going to have a ID field in each of our models with a UUID field. So copy this herein backend, we want a new directory. So we'll call this utils. Within that, we want a new filecalled thunderinit.py. And then another file in there called model abstracts.py and dump all ofthat code in there. Paste. Okay. Bringing in UUID from a Python, that's a built-in Python package,and then models. And all we're doing here is we're creating this class called model. It has an IDfield, which is a primary key. Okay. So we, we're using that primary key when we're making calls tothe API. And then in the class meta, we call it, we're saying abstract equals true, which meanswe can then inherit that in our, in our contact. Again, let's not dwell on that too much. Okay.Good. Serialize this. Remember serializer is some code that sits between the user requestand the backend and back again. So it handles the serialization of information data. Okay.So we need to create a file in our project called serializers.py in core new file.Okay. And then in there paste in this code, what are we doing? We are importing our model that wejust created for it's relative. That's what is this dot is here. And we're bringing in serializers.So let me touch on this quickly. So when from rest framework, import serializers, what are we doing?We are importing from our virtual environment. In this case, we're looking at a virtual environmenthere. We're looking for rest framework and then we're looking for filing here called serializers.Now by importing that we now have access to all of this. Okay. So in here we have the baseserializer, which will be abstract. Let's minimize some of this. So when we, when we create serializerand we inherit serializers dot serializer, it's this class that we'll be using. Okay.So you can see here we've got a default error message, we've got fields. So it's doing a lotof hard work there. Another thing we've got is a model serializer. So a model serializer is justa regular serializer, except that a set of default fields are automatically populated. So it links toa model. It's model serializer. Okay. So serializer field mapping. So this is the logic where if you'vegot a serializer field, it maps it to a model field. But this is the reason I'm showing you this isthis is what we're, we're importing. So a lot of courses you see online, it won't really do a deepdive on this sort of thing. You know, this import serializers from serializers. What does that mean?What are we actually using? So I'm just showing you that this is what we're doing. Okay. So whenwe create a serializer, we're inheriting from these classes. So we have access to all of themethods and functionality within good. And then yeah, from framework dot fields, we're accessingchild film and email field. Okay. They're the two fields that we're playing around with. Okay. Solet's create a contact serializer. We're inheriting model serializer. Remember this does the mappingto the fields. We have a name message and email field, very similar to Django forms. Okay. So youadd a variable and then you say what field type is what widget you're going to use. This is very,very similar except in this name. If you remember, we're using a Django extensions field calledtitle description. Now that gives us a field called title, but in the serializer, we want to call itname. So what we do is we point this towards the title field. Okay. That's why we've got sourceequals. That's what that keyword is doing. And we're saying required through. So we're expectingthat information to come through from the client. If we don't, it will get a 404 response. Sameagain for message. We're pointing it to description and email where we know there's an email field,right? So we've got an email field called email in the model. We have a class meta and in adirect it to the model that we're looking for. And then the fields that we want. That's it. That'sall we need for the serializer. Okay. We're linking the serializer to a model that we have.All we now need to do is wire up some views, save, but talking of views, let's take this code,copy, go into views in core, paste that in and we'll save that. Okay. So, um, from Jason,which is a Python package, bring in a Jason decoder error. Um, we're bringing in a Jasonresponse from a Django package. Then from dot serializers, which we just created,we're bringing in a serializer and a few bits and pieces from rest frameworks. We've got parsers.This allows us to handle the parsing of the Jason that we're going to be receiving from theclient. And we've got views. So there's a whole bunch of different views that we can handle.Let's have a look. You know, the views here, we're using an API view in this instance. Now,an API view is very similar to a Django class based view. And in a way you can have a getmethod, a post method, so on and so forth. So it'd really, really helpful if you've been workingwith Django for a long time. It's a good, nice, easy transition to use API views, but you haveother bits and pieces in here as well that you can also use. Good. And then you've got status.So status gives us access to a whole bunch of predefined statuses that are in, um, rest framework.So HTTP, uh, 200 equals 200. And we use that in the responses. We feed back to the client.Okay. So contact API view, parsing through views, the API view, which isWas it this? No, sorry, got too much open. Is this it? This is what we're parsing through.Okay. So we've got a deep, uh, we've got schema, got as view. Okay. Soremember it's like a class based view. And if you're going to render that to a webpage inDjango, you would use a dot as view at the end of it. If we have a function based view, you don'tneed to do that. Um, we've got some other methods here that we've got. We won't go in, it's not adeep, deep dive. This is a very sort of top level. Um, so we've got a get serializer context method.And we've got a get serializer method. Um, and at the top here in an API view, you need to put theserializer class. So the serializer class in this instance is a contact serializer. So we'll be usingthese two methods here to handle the getting off that serializer in an API view. So we now haveaccess to that serializer. And anyway, we've then got, what's the most important part of this viewis the post request. So what we're doing here is we are expecting some Jason to be sent in from aclient. First thing we want to do is to pass that Jason using a, the parser that's built into theDjango REST framework. Um, we then use this, we send that data through to the serializer to handlethe, um, serialization of information. Remember pointing it to the right fields.And if the information that's coming in is valid, i.e. there was a name, a message and an email,and the email is an email type, um, data type, and it'll be valid, same as a form, no different.Then what you do is you save the serializer like you would a Django form, and it saves thatinformation to the database. What you then do is you send a response back to the front end,which is the data from the serializer. Send information in, serializer takes the information,checks it, validates it, saves it to the database, sends the information back.Okay. That's what we're doing in this post method. If it's not, if there's an error,then we spit back a 400 bad request. We know in, it's not in views, we know in status,where is it there, that 400 is bad request and it will spit back a 400. Okay.And then if the encoding of the, if it doesn't come in as a proper JSON, then the decoding willfail and we'll send back a status 400 with an error message as well. Okay. So we're handlingthe information coming in, in this post request via review, same as you would in a view in Django.Okay. But now what we need is a router to route the traffic from the endpoint to the view.So what we need isin previous courses, I would have put a URLs or router file in here, but we're just using it fromthe DRF course, so the URL conf file. So, okay. We've just added that. So we've imported what'sdifferent. We've imported the cause views that we just created and we've added a new path toURL patterns. Now this is a, this is a API view. Again, like a class-based view, that's why we'vegot the as view at the end. Endpoint is contact and it's core views, contact view. So it's verysimilar to a URL pattern that we'd normally use in Django anyway. So this is why it's so easy tokind of get your head around if you're good at Django. And that's the, that's the, that's therouter. I think, no. What do we do? When we create models in Django, we register them so we can accessthem in a built-in admin page. So if you go into admin.py and save this code, it'll give us, itwill register contact to the admin page and give us access to any instance that is saved to thedatabase. Last thing we want to do is migrate the changes that we've got it in the database.Don't want that. Don't want that one. Let's go to CD backend. Remember you need to be in backend toinvoke the manage.py file. No more Django filters. Okay. No more. You know, the reason that's donethat is because we have not got a virtual environment. You see that in the bottom left,there's no open bracket ENV. So what I need to do is the ENV backslash scripts, backslash activate.bat because I'm on a Windows machine, CD back in the backend and then use those same pieces ofcode again. There we go. Good. We now have, you see we've migrated contact and we might, so wecreate a migration file and we've migrated it to the database. So by running those commands,we've created this file here and you can see we're creating a model called contact with all of thesefields. So we've got ID, which is a UUID field, created modified title description. So with oneline of coding models here, because we're inheriting all of this, it actually creates a whole bunch ofother fields, which is it. And then we've migrated it to the database. Good. Now we are in a positionto make a call to the data and make a call to the API. So what we'll do is we will deactivate,just deactivate your virtual environment when you're doing this. We will CD that one. So we'regoing to DRF course. And now what we want to do is we want to fire up Docker. So you go Dockercompose up dash D dash dash build. What that would do, that will call this file here. And whilstthat's just doing what it needs to do, I'll just show you what's in there. We're creating twocontainers. Okay. So the API, this is the Django app and another app, which is a Flask app, whichis a really, really small lightweight container that has Curl HTTPI installed, which will allowus to make a HTTPI request to the API. HTTPI, sorry, HTTPI is very similar to Curl, exceptthe response you get is really, really easy on the eye. And it's much, it's just better. I find itbetter than just a normal co-request. Now Docker should be running. Happy days. Look at the app.Sorry, that's a bit small. There we go. This is the app. So this is Flask. And then I'll be doinga lot of zooming. And then we've got the API. There we go, which is very similar to what you'dbe seeing if this was running is in your local terminal. Okay. So that's working perfectly well.I'm really happy with that. So we're going to app and open up the CLI, which is the equivalent isa command line interface. It's the same as your terminal. It's just, we have access to HTTPI.So what I'll do, I'll go back into module three and I will, where is it? Where is it? Where is it?Where is it? We will make this call. So what is this? HTTPI, that is the, I say you invoke a callusing HTTPI, similar to curl. We give it the endpoint. In this case, API is the name of thehost for the Django project. Before it had been local host or 127.0.0. The 8,000 is the port.No different if it was local host 8,000. It's just when you're in Docker in this course,you'll be using API. We pass through name, message, and email. They're the three fields.Copy this back in Docker, paste it there, and then press enter. And you can see that it's,I can't, I'm zoomed in, so I haven't got access. But you can see the JSON at the bottom there.That is the response we're getting from the API. So it's saying that it's actually createdan entry in our database with an ID of 881896. So that tells me it's worked. Now I candemonstrate that it's worked by logging into the admin page, but I won't in this module.Perfect. That is exactly where I want it to be at the end of this module.So we've got a new configuration of what a directory should look like on the left handside here, but we're not going to look at that. So don't worry, but please double check beforeyou move on to the next module. So thank you very much. And I'll see you in module four.Okay. Module four. Let's, sorry, I'm recording this as one here. I'm not editing at all. Soall of these screens are open because they were open a second ago. So module four, let me justtidy things up in my screen. Right. There we go. Module four, go into preview.This is what it should look like. Pause, have a check. I'm not going to spend too long on that,on that. Clone down if you need to make sure your directory setup is the same as what it is on myscreen. So in the last module, we built a contact endpoint. Now we want to do some tests. Okay.A, an app without tests is broken by design. Okay. So that's on the Django website, but it's verymuch true. If you don't have tests in your app, then you know, you're not going anywhere with it.So what we'll do, we'll pick up all of these test cases that are pre-writtenand I'll copy them and I'll go into backend core, open up the test.py file and drop them in.So if you're used to writing Django tests, what you'd normally do is you'd use,you'd write some unit tests and you'd test different methods and views and things like that.Well, in REST framework, you have something called an API client. Well, that constructs a clientsimilar to HTTP or the container in Docker to make a call to the backend. This is just a built-inREST framework API client allows us to make post, put, get, delete requests.So that's what we're bringing in there. We've also got API test case. Okay. So we're bringing in those,the contact test case inherits from API test case. And it's very similar to the Django test cases.You need a setup method, which constructs things in the test database, and then you can make callsagainst them. Okay. And then again, we're bringing in status like we did in the view. So we're goingto do assert equals against some of these tests that we're constructing. And we're expecting200s, 400s, 404s, and things like that. So if you use the Django, these are just pretty normalDjango tests, but because we're using REST API or Django REST framework API test cases, it willspend a little bit of time going through this, no more than a few minutes. So there's a setup method.We're calling self.client, the API client. Okay. So we can access the API client by self.clientin the methods themselves or in the test cases. We create a dictionary here, Python dictionarycalled self.data, and we add a name, message, and an email field. This is what we're expectingfrom the contact endpoint. And then a URL, which is self.url equals contact. Okay. So let meminimize some of these. Now it's important to note that we can call these when we runa Python manage.py test, or that's already built into the Docker instance. So when we fire upDocker, it automatically finds these tests and it runs them. So we've got what? Eight test caseshere. So we test the endpoint. We test the contact endpoint without a name. We test the contact wherename equals blank. And then we do similar to the message. And we do similar to email, except withthe email, what we also then do is we do send an email, but we send a data type that isn't an email.So it'd be like a string without an at symbol in it. So that's quite thorough test cases for justsingle endpoints. We've got eight tests. The first one is we, sorry, that's not the first one.The first one is we get the data from self.data. The response is self.client. So this is the sameas requests actually, say response equal requests.post, very similar to that. In this case,it's request.client.post. You pass through the URL and then you pass through the data, which is inthis case, what we're expecting. I would expect HTTP 200 OK, which is a 200 response. I wouldalso expect that the database has one entry in it. And I'd also expect that that databaseentry title is Billy Smith, because that is what's in here. OK, next, I won't go for each of thesebecause I'm sure you understand testing. What I do, I take the data and I use the dictionarymethod pop to remove name. So now we've got a dictionary without a key value name. Post it,I expect it to say 400 because we're expecting name and hasn't got one. Again, rather than poppingit completely, I remove name and just add a blank string instead and expecting 400. So these lastseven test cases, I'm expecting 400s. OK, so that's testing. Go back in a module. What wecan then do is we can use this command, Python manage.py in Docker. But this time we want to gointo the API container. That's the app container. I apologize. Go back in here, go into CLI. ChangesI make locally will work in Docker because I'm using something called volumes. So persists data.So essentially what happens outside of Docker in my project will also be in the Docker container.So those test cases will now be there. Should be.There we go. So it's run eight tests. We've created eight tests. They're all OK. So every time we'relooking for 200 bang on every time a 400. Perfect. So now what we can do is we've already done this.We've already done this. As in we've sent the test case. We sent it, did this in the last module.We don't need to do it again. OK, but we can check the database. So if we use Python manage.py shell,in here, and just zoom, it just invokes a Django shell or Python interpreter, the Django. Same aswhat you'd see locally. Now, what we can do here is we can say from core dot models. Import. Importcontacts. So we can say C equals contact dot objects dot last and then C. OK, and BobbyStearman. OK, that was the call we made in module two. Module three, sorry. OK, can you see that?It's probably quite small. I do apologize. It's just you can't change the font size in Docker yet.OK, so there we have it. That worked. And that's it. That's module four. Your directoryconfiguration should look like this on the screen. If it's not, pause, check, go back, make sure itdoes before we move on to the next module. I'll see you in module five. OK, module five.What have we got here? We've got back end. We've got steps. That's everything closed down. So we'repicking up exactly where we left off in module four. So we're going to steps and module five.We'll open up as preview. We're halfway through the course now. So it's probably a good time for meto say, look, if you like this content, please visit DidCoding's YouTube channel and subscribeand click the bell because you like other content that I add. And also drop a like on this actualvideo on FreeCodeCamp and comment as well, because I do get to see them. It's always good to havefeedback. So start and end of these step by steps. Just make sure the configuration on your localmachine matches what's on here. If not, clone it down. We've built our core app. We now need tobuild an e-commerce app. The e-commerce app will be used to, it'll have two endpoints. It'll have anitems endpoint and an order endpoint. So we want users to be able to call an endpoint and retrieveall the items that we've got in our shop. Okay. And also call it same endpoint and pass througha primary key to identify a single item. And then if they want to purchase it, they place an order.So there'll be an order endpoint for that particular item. So on top of that, we want todo some validation. So we want to make sure that the item has stock. We want to also make surethat only users that are authenticated can access these endpoints. So there's a few little bitswe're going to be looking at over the next four modules. We're going to add token authenticationto our app. We're going to build out some models, some new serializers. We're going to add somevalidation to the serializers and see where it leads us. Great stuff. Right. So let's use thiscommand here in backend. If I close them down again, I will close the terminal down completelybecause I'm using Docker now. Remember you can fire up Docker with Docker dash compose up dash Ddash dash build. No, yeah, that's right. And now fire up this app in Docker. And when you're inthere, you can then use these Python commands in the API. So we'll quit the shell and we're donefor that in here. Yes, we will in the API. And this is me making these calls in Docker. However,you will see them appear in my local machine. And the reason you'll see them on my local machineis because the data persists and we're using volumes. So e-commerce is now here. We need tochange the rest framework variable in settings. The reason being is because we are adding tokenauthentication. What we've done here is we've had, we've added a default, default authenticationclass called authentication dot token authentication. So anywhere where we add a permissions classin a view will enforce authentication. So you won't be able to access that view unless youpass through a valid token. Okay, so that's the first step. In fact, if we do DRF token authentication,this page here will walk you through all of the steps, but I'm doing thatfor you. So just follow the modules. So I've added that we now need to add a new app into ourinstalled apps. So back in the settings, go into our installed apps, save over. You can see nowthat we've got authentication added there. Okay. That stands to reason that we'll probably be addingsome URLs and making migrations because we're getting new tables in the database. Okay.So let's go back to our URL conf. And you can see now we've got a new endpoint and we've got a new,oh, we do apologize. So we're importing from Django REST framework and we've got a new endpoint.Save that. So this means now we've got an endpoint in our project where when a user visits thatendpoint and passes through a username and a password, they will then receive back a token.That token acts as an authentication token. So if we receive that then in the backend, we knowthat that token links to a certain user. Okay. Keep tokens safe. So we've got a new endpoint,keep tokens safe. Now we need to migrate those new tables that we've added in installed appsto our database. So we go back in the Docker, paste those pieces of code in thereand zoom in. You can see now, can you see that? We've got auth token. We've got initial auto andtoken proxy, which are the migration files for the tables that we're now having on the database.Don't worry. We'll see them in the built-in admin table very, very soon.What we also need is something called a signal. Now, if you're familiar withDjango, you'll know what these are. We want a way of creating a token every time a user iscreated in the database. The way we do that is we use a signal. Now a single, a piece of code, whichin Django, we call a signal, something that receives a signal from a certain tablebased on an action. Now that could be a pre-save or a post-save. So when a database has a newinstance saved in it, a signal is sent from the database and this receiver has an antenna and itpicks up that signal and says, ah, okay, I need to do something. And in this case, it will be createa new token. That's what we're trying to do here. So we go into e-commerce. We have a new file calledsignals.py. Sorry, I'm not following the modules. Sorry, the module five steps, step by step. I amgoing step by step. I'm not reading straight from the screen. So you can see we've got a post-savesignal. So after something's saved, we get a signal. We have a receiver to receive said signal.What table? The core user table. So when a user is added to the database, that's who sends the signal.And what do we want to create? We want to create a new token, which is the new table we've createdin a database. And this is what the code all looks like. We now need to wire that into the app. Sowhen the app starts, the signal is active. It's looking for signals. And what we do in here is wesay def ready. So it's a ready method. Pass through self. What do we do? We want to import fromecommerce.signals. Perfect. Now when ecommerce starts, signals will be active. That's what thisbit here is. What do we want to do now? We want to create our first user. We'll make it a superuser. So I want the super user, which is twofold. That will trigger that token. So we'll have a tokenand it'll also give me access to the built-in admin page, which I'll show you in a second.So I'll copy, paste that in there. Can you see? Don't necessarily need to see it, but there you go.Enter and that will ask me for a username. Just Bobby. Don't worry about an email address.Just a random password. There we go. User is created. I'd expect to see a token in the database.So go in your browser. We will go to localhost forward slash admin, because that's the URL. Bobbypassword. Perfect. I expect to see Bobby in the user table, because that's my super user.If I look in tokens, there we go. It's created a token and this is the key. So this is myauthentication token. Perfect. You go back into modules. What we now need to do is we need to testthe end point. So I expect to, when I test this end point, I make this call using HTTP, HTTP inthe Docker, I would expect to receive something like this, which would be an endpoint response.And it will say token. It will give me my new token. So what I'm going to do is take most ofthis, but you need obviously use your own username and password. So I'll copy thisand I will go to the app container. Remember we're making a call from app to API,go in a CLI, drop that in there. And I will say, well, username is Bobby password equalspresenter. Perfect. See that? So it starts in eight B eight eight.We go back into the database, eight FB eight eight. Perfect. That's exactly what I wanted to see.That's it. We've just added what we are module five, which is added token authentication to aproject. This is really good stuff. So now we can add that to our views. So if somebody's trying toaccess information, they will only access information relative to that user. That's whatwe're able to do. Not always the case. You might just want to have authentication oncertain views so that only authenticated or signed in users can access it. It's good if you imagineyou've got a mobile app, which, you know, is completely disconnected from the back end.Okay. Same as a react or a view app. So where are we? That's it. That's module five. Thank youvery much for watching. I'll see you in module six. Okay, module six. Let's go ahead and begin.Um, let's go ahead and begin. Like I said, I'm recording this in one fell swoop, soplease excuse the cluttered, uh, left hand side. So steps module six in preview.We've built our core app, configured everything. We've got a generous framework working. We'venow got an e-commerce app with token authentication in this module. Just make sure your configuration,by the way, is exactly where it needs to be on the left hand side. It should look like this.It's not cloned down. What we're going to do now is we're going to go through the same process.We went in the core app, build our models, build our serializers, build our views,build our URLs in that order. Okay. So remember models relate to databases. So we need an itemand an order model. So a model to catch all the items in the database.So go into backend e-commerce models, drop them in there. And I'm not going to spend too much timegoing through this, but it's important you understand some of the methods. So we've gotan item model with some fields, right? We've got a stock and a price. So what stock we have in thedatabase and what the price is now prices in pence and pounds or cents and dollars, whatever the casemay be. It doesn't really matter. We've got a method to convert it into, remember if you're inpounds and pence, if you divide pence by a hundred, you've got your pounds. You've got managedstocks. We've got a method to decrease stock by a factor of whatever the order is. Okay. And we'vegot another couple of methods here to place an order to check stocks. So when you place an order,it checks the stock. If there's enough stock or the stock equals the order or is above the order,then it calls managed stock. So that's one of the validation methods we'll be using in the serializer.And then we've got an order model, which will relate to the user. So foreign key to the userwill be the item that's been ordered and the quantity. Okay. So then we'll have an endpointto view all of the user's orders. Okay. All of the items, retrieve a single item, retrieve a singleorder, retrieve all of the orders. So, okay, that's all we're doing in the models. We now need a newfile called serializers.py. So I'm jumping forward. There we go. E-commerce serializer.py.You now need to pick up all of this code, copy, go into e-commerce, drop it in there and save.So bringing in the two models we've just created. And then for very similar to the core app,we're bringing in serializers, bringing in status and exception. The reason I'm bringing in exceptionsis because I've got this class here, which is called a not enough stock exception. In a normalapp, you'd probably have a number file here called exceptions and you'd have a whole bunch of them.So when you're validating, you can call, invoke, raise certain exceptions based on validation.We're only doing one piece of validation. We're checking that the stock is high enoughor we've got adequate stock to cover the order that's coming in. So if when calling the method,check stock, stock is too low, we will raise not enough stock, which is a 400 bad request.The details say there is not enough stock and it'll be an invalid code. Okay. Model serializer,item serializer, order serializer is another model serializer. So these serializers, again,I spoke about this in module two, I believe there's a whole bunch of different serializers.You don't need to use model serializers. Like I said, that points it to model fieldsand it kind of does this, this clever model matching, sorry, field matching. You can useother sorts of serializer. There's one called just serializer, in which case you need to specifywhat those fields look like. Outside of this course, you might want to do a deeper dive on that,but we're using models. It stands to reason that we can use a model serializer. So this itemserializer has got no fields. We're not adding any fields, class meta, model item, and we've gottitle, stock and price. Okay. There are three fields that we have in the database. Orderserializer, however, we're using an item primary key related field. What we're doing there iswe are saying that the item field in order serializer, remember we're cleverly pointingfields towards model fields. We're saying that that particular field, identify it by its primary keyis a foreign key link between the two tables. So we're identifying that link via a primary key.I hope that makes sense. Same meta as above, but this time we've got a validate method.That validate method will be called when we call, when we save the, sorry, when we call it is valid.So the is valid method will call validate and it will check to make sure that all the informationis as expected. Now, in this case, what we're trying to do is yeah, check the fields, otherfields. Okay. Bang on. Perfect. After that, we then want to check the stock. Now, if the stockis too low, it will be, we will raise this, not enough stock exception. So it will be not valid.Does that make sense? That's why we've got this method in there. It's being called when we callthe is valid method in the serializer. Okay. Then create a few models, pop them in the admin filehere so we can access them in the built-in admin page. Don't need to go too further on that. Andwe need to migrate those new tables to the database. So if we open up Docker again, open up the APIcontainer, sorry, not the app one, API container, open up CLI, pop them in there, press enter.There we go. We created an item table and an order table. We should be able to see those in here.We update, happy days. We've got an items, we've got an order. Actually, let's go ahead and createsome items, shall we? Add an item. That's one. That's one. We'll have a stock of 10, price 300.Save and add another. That's two. That's two. Stock of 20, price 500. That'll be five pounds,right? Okay. We've now got items in the database. So when we do call the endpoint,we should see something. That is it. That is the end of module six. So the next module we'll startadding the views and the routers. The module after that will add some tests and we should have afully functioning app at the end of that. So thank you very much for watching. Make sure yourroute directory is what it needs to look like before you move on to the next module. I'll seeyou in module seven. Okay. Module seven. Here we are. So two more modules, including this one.There we go. Module seven. Look at this in preview. Make sure your configuration on theleft-hand side matches this. If you don't, clone down. Okay. Our e-commerce app is picking upspeed. We've got our models. We've got a serializer. We now need to wire it into some views.So we need to pick up all of this code and drop this into backend e-commerce views, paste.What we're doing different to what we did in core, this we're bringing in is authenticated.Remember we're wired in token authentication. So by bringing this in and adding this to our views,that will invoke the authentication class that we have in our settings, which is tokenauthentication. We're expecting a token to be sent via the request in the header asauthorization or authentication. So we've got an items view. We've got some mix-ins here as well,actually. So a good thing about this is a generic view set. Okay. So we've had an API view. We'renow using a generic view set. Generic view set has built-in methods such as retrieve.What are they? Retrieve, list, create, update. I forget what they all are now. But by using thegeneric view set and some mix-ins, you get very, very similar to the generic views in Django,actually. A lot of the methods are all built-in. You don't need to do a lot of heavy lifting,especially when we're working with model serializers. Okay. You can see a good exampleof this. This is the item view. Okay. We've got no methods. We're just passing through permissions.Telling it what a query set is. We're telling it what serialize to use. By using those mix-ins,I've got a list endpoint, as in show all. And I've got a show and retrieve. So it's a get requestfor a single item. Okay. So we pass through the UUID or the ID of an item. You're retrieving one.Very powerful. Next, we've got an orders view set here. Similar, passing through everything. I can'tremember if, actually, that's probably a hangover. So we're using the list and retrieve to get singleorders. Okay. We're using this update one, which I don't think I'm actually using. We've probablygot access to that URL, because that's what we're doing here. The view set, the generic view set,will give you access to methods, but it'll also construct those endpoints for you as well.On a API view, you need to add the as view method when you're wiring up the URL router. But with ageneric view set, you do it slightly different. I'll show you in a second. Difference here is,again, permissions class. We've got a create method here. So this is what we're going to be callingwhen we create an order. Different to core is we're passing through to the serializer, the data.To the serializer, the data. Okay. If the serializer is valid, so we're going to call that,is there enough stock? If there is enough stock, we're not saving the serializer, because this isa model serializer linked to an order. We're not creating... We have to place an order. We'recalling a place order method. So we're not necessarily just saving a serializer. We'redoing it slightly different. We're calling a method in a model. So we're getting the item,specific item based on a PK, the primary key. And then we're calling the order place order method,which will create that order in the database. And then we respond with the... We pass throughthe new order that we've created to the order serializer and the data. So that's how we'resending the data back to the user. Okay. That's the view. Very simple, right? We now need a router.Go back in the models, doing all of this in URLConf. So we copy this, go into DRF course,go into URLConf, and we're going to add some bits. Okay. What are we doing? We're bringingin the views from e-commerce, and then we're wiring up these generic view sets differentto the API view. Okay. We're putting as view here, same as a class space view in Django,very similar API view. These are different. These are generic view sets. So we're using RegEx.So it's a regular expression URL. E-commerce view. So this is the view set itself. Next,we haven't got as view at the end there. Base name is item and order. And then what we do,we're registering those to the router. The URL patterns become the URLs from the router.Remember, so although we're registering things to router, because we're using generic view setsand a whole bunch of other stuff, that router has a whole bunch of URLs. So we'll have a retrieveand a list and a get with a PK that are already built in just by registering this. So the URLpatterns becomes vast. And then what we do is we append these three URLs to the URL patterns,and that becomes a whole bunch of URL patterns for the project. Okay.That's that. That's module seven. We are good to go. The reason I've stopped there is becausewe're going to be doing testing in module eight. It's the last piece. We'll be doing some unittesting and then we'll be testing those endpoints. Okay. So that, just make sure that your configurationis looking how mine does or looking at does in the modules and you'd be good to go.Right. Thank you very much for watching module eight next. Perfect. Right. Module eight,module eight and close some stuff. Open up module eight. Good. Before we start,make sure your configuration is exactly the same. If not, cloned down from GitHub,let's move on to the steps. So like in module four, when we done the testing for our core app,let's do it again for e-commerce, except this is a little bit more complicated.Doesn't need to be any more complicated. I won't go into a big deep dive because I've alreadyspoken about the API client and test cases. So we're creating a client is a callable verymuch like the request package. So we're calling the API testing and adding it to a test database.Inheriting the API test case here. So we have a setup method. We're creating some dummy informationsimilar to what I did in the admin page earlier, adding five items. We're creating a self itemsvariable here, which is all of the items in the database. We're creating a user. Well, we knowwhen we create a user, we're also creating a token. We're creating a couple of orders. Okay.Against the first item. That way we can call the order at any point. Token. So creating a token,we know that we've just created it. Yeah. So it's self token is for this user here.And then the client is API client. And then difference here is that on self client,we can call the credentials method and pass through the token. So we'll add a header to each and everycall. Remember we've got permissions class in these views. So if we don't have that, we can callclass in these views. So if we don't have this, we're going to hit a failure each time. So we'repassing through the token. So now it will be written. It will be token space. So it'll be,it'll say authorization, and it will say a token space, and it will be the token key. Okay. Andthat'd be in the head of every call. And then we have how many? What have we got here?We've got a few, one, two, four, six, eight, 10, 10 ish, 10 test cases. So what we're doing,we are checking out what's in the database. We're expecting five, if there is happy days,we've got, we make a call to the item endpoint. Remember we've got a retrieve list or a listmethod. I'll bring back every item. So I'm making a call to it. We're expecting status 200. That'sthe first endpoint. Now we want to get each item. So what we're doing, we're going to cycle throughall of the items. Now we're going to make five calls to the endpoint. You can do this differently,but this is just one way of doing it. So I'm calling the endpoint five times and I'm saying,right, get the item with PK from the item from the database. So item.id. We're expecting a 200because we know that they're there, right? So we're getting a response 200. Then we get,then we get a little bit complicated. So test order is more than stock. So we're now callingmethods, right? So for items, so these are methods in the item database. So current stockis, so we're getting the current stock and then we're saying I check stock. So we're passingthrough. So make check that the order is more than stock. So we'd expect that to be false.We go through, I'm not going to go through each of these, but I'm basically testing every outcomefor the endpoint. So have we got too much stock? We've not got enough stock. Does the stock equalthe order? What happens if we don't send an item ID, something along those lines? Okay. So justgoing through, I mean, you can probably be a lot more thorough than this, but these are the teststhat we've got. Modulate. Okay. So we can now go in here, go into Docker. I'm in API, which iscorrect. We've got that drop to manage.py testing that we're now 18 to 18 core 10 in e-commerceand expecting. There we go. Okay. All the tests work. This is where you want to be.Now let's go ahead and test some endpoints. I need module eight opened and this is how you'llprobably need to do it as well. So I'll open up modulate without it being in preview mode.The reason being is because every place it says your name, I'm going to control H and change it tothe username of the person in the database. I know it's Bobby. Can you change it? Can you changeyour password? Whenever you see your password, I'm going to change that to my password. So whatwe're doing here, I'm just creating the HTTP endpoints, your token. Every time I see yourtoken, I'm going to change that to the token in the database, which is this one here, copyand change all the lows. And then you've got UUID for item. So you can see here,we're calling the item endpoint. So your UUID will be an ID that appears in the database.So we go into items, change this one, copy, not change that one. Oh, sorry.It's like, it's a little bit difficult when you're just doing a right. And then we get onto,after that we get onto orders. So we won't look at those yet. Okay, cool. So we go back and preview.I should now have those. Yeah, we do. Right. So spend some time going through these. So let'stest all the endpoints there. So call our endpoints. Here are the requests we can maketo our new endpoint. So we've got first, what I'll do, I'm going to keep going backwards andforwards, but we go to the app container, going to CLI. What we'll do, we will drop this in there.So we're calling the API auth to get a token. There we go. Token, it works. I'm going to zoomin each time. I know it's small. I do apologize, but at least you've got instructions. You've gotthe code. Next, we want to check and get all of the items. Remember, this is the domain. Theendpoint is item. That is a retrieve all. We're getting all items in the database, providing wesend through the token back into Docker, drop it in there. And I expect to see two items. We'vegot two in the database. Now what happens if I remove the header with the authentication token?There you go. Not authenticated. Perfect. That's exactly what we want to see. Next,we want to retrieve one item that we have in the database.There we go. Pass through the UID, and it gets a single retrieved one item. Well, so we got this,got retrieve all orders. Yeah, we can look at that one. Back to Docker, retrieve all orders.We've got two. We haven't got any orders in the database. Let's make an order, shall we? Your UIDauthentication. This will place an order for item ID. Sorry, I'm moving around on this. I probablyshould have looked right. If I change that, this will retrieve all orders. This will retrieve asingle item. This will place an order for an item. Let's place an order for an item, shall we?Sorry, not handy when you're making a video. What is this doing? We're calling HTTP. We'recalling the order endpoint. We're passing through an authentication token. Then we create an adjacentdata type, and we send it through the ID of the item and a quantity. I know that we've got thestock of one. Let's copy that. We'll drop that in here. That will create an order. If I do thatagain and change the quantity to 1,000, I know we don't have a stock of 1,000. That should saythere is not enough stock. Remember, we're validating that. If there's not enough stock,we're raising an exception. Brilliant. Now we can call the... I'm seeing the trouble with Docker.You can't press up and get your previous. Let's check all orders, and then I won't keep you onhere any longer because you can do this in your own time. We should now see one order, right?There we go. Brilliant. That is exactly what I wanted to see. Just zoom in.Again, we added an order of one, remember, and retrieved it.I also showed you... Where is it? Where is it? Where is it? There we go.What I'll do, I'll create another order just quickly, and I'll create that with five.I believe we've got enough stock. There is. We will then get all of our orders with this one here.Copy, back in the Docker. Drop it in there. It should now have two. Perfect. That's exactlywhat I wanted to see. That is it. That is the end of the course. Let's just recap quickly. What havewe done? We've gone through eight modules. The first two modules were all about getting the code,configuring a Django project, essentially. Nice and easy stuff. We have then created a core appwith a contact endpoint, a normal model serializer, and we've just got a post request. We're using anAPI view, which is similar to a Django class view. Brilliant. We've then invoked or addedtoken authentication to the project, created an e-commerce app with an item and an order endpointwith permission classes. Only those that have got an authentication approval can view, retrieve,create information. We have now created a very, very good, not production ready,API, but it's a good API that you can use and hopefully refactor and use it in your own project.Now, I'd just like to thank everyone for watching. If you like this content, then please visit DidCoding and you'll see many more videos like this on my channel. Like this video on FreeCodeCampand add a comment because I do get to see those comments. Comments from previous courses onFreeCodeCamp really has led to me building some other courses and tutorials. Just before I doclose the video out, I just would like to thank FreeCodeCamp one more time just for allowing meto create this course and for them to post it on their channel. Keep up the good work,keep that free content coming. Again, thank you very much and hopefully I'll be seeing you very,very soon. Bye-bye.\n"