Author: Priyanka Bagde

Django Cheat Sheet (codeinsightacademy.com)

pip3 install djangorestframework
python3 manage.py startapp employee
Note: Make sure your sql service is running.

settings.py

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'webpage',
    'rest_framework',
    'employee',
]

employee/models.py

from django.db import models

class Employee(models.Model):
    post = models.CharField(max_length = 100)
    name = models.CharField(max_length = 100)
    salary = models.IntegerField()
    is_active = models.BooleanField(default=False)
    added_date = models.DateField(auto_created=True)
    updated_date = models.DateField(auto_now=True)

    def __str___(self):
        return self.title

to make and apply the migrations run

./manage.py makemigrations
./manage.py migrate

employee/serializers.py

from rest_framework import serializers
from employee.models import Employee

class EmployeeSerializer(serializers.ModelSerializer):
    class Meta:
        model = Employee
        fields = "__all__"

employee/views.py

from django.shortcuts import render
from rest_framework.generics import ListAPIView
from rest_framework.generics import CreateAPIView
from rest_framework.generics import DestroyAPIView
from rest_framework.generics import UpdateAPIView
from employee.serializers import EmployeeSerializer
from employee.models import Employee

class ListEmpAPIView(ListAPIView):
    queryset = Employee.objects.all()
    serializer_class = EmployeeSerializer

class CreateEmpAPIView(CreateAPIView):
    queryset = Employee.objects.all()
    serializer_class = EmployeeSerializer

class UpdateEmpAPIView(UpdateAPIView):
    queryset = Employee.objects.all()
    serializer_class = EmployeeSerializer

class DeleteEmpAPIView(DestroyAPIView):
    queryset = Employee.objects.all()
    serializer_class = EmployeeSerializer

employee/urls.py

from django.urls import path
from employee import views

urlpatterns = [
    path("",views.ListEmpAPIView.as_view(),name="employee_list"),
    path("create/", views.CreateEmpAPIView.as_view(),name="employee_create"),
    path("update/<int:pk>/",views.UpdateEmpAPIView.as_view(),name="update_employee"),
    path("delete/<int:pk>/",views.DeleteEmpAPIView.as_view(),name="delete_employee")
]

main urls.py

urlpatterns = [
path('admin/', admin.site.urls),
path('api/v1/employee/',include("employee.urls"))
]

Run the api in postman with urls

POST request : http://localhost:8000/api/v1/employee/create/ 
GET request : http://localhost:8000/api/v1/employee
UPDATE request : http://localhost:8000/api/v1/employee/update/1/ 
DELETE request : http://localhost:8000/api/v1/employee/delete/1/ 

# views.py
# Single-file DRF example for Node.js + Express developers
# Covers: create API, DB model usage, custom decorator, JWT auth

from functools import wraps
import jwt

from django.conf import settings
from django.contrib.auth.models import User
from django.http import JsonResponse
from rest_framework.decorators import api_view
from rest_framework.response import Response
from rest_framework import status


# =========================
# Express middleware equivalent
# =========================
def jwt_required(view_func):
    @wraps(view_func)
    def wrapper(request, *args, **kwargs):
        auth_header = request.headers.get("Authorization")
        if not auth_header:
            return JsonResponse({"error": "Token missing"}, status=401)

        try:
            token = auth_header.split(" ")[1]
            payload = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
            request.user_id = payload["user_id"]
        except Exception as e:
            return JsonResponse({"error": f"Invalid token: {str(e)}"}, status=401)

        return view_func(request, *args, **kwargs)

    return wrapper


# =========================
# Basic create API
# Express: app.get('/hi')
# =========================
@api_view(["GET"])
def hi(request):
    return Response({"message": "Hi from DRF"})


# =========================
# Create user API
# Express: app.post('/users')
# =========================
@api_view(["POST"])
def create_user(request):
    name = request.data.get("name")
    email = request.data.get("email")
    password = request.data.get("password")

    if not all([name, email, password]):
        return Response({"error": "All fields required"}, status=400)

    user = User.objects.create_user(
        username=email,
        first_name=name,
        email=email,
        password=password,
    )

    return Response(
        {
            "message": "User created",
            "id": user.id,
            "email": user.email,
        },
        status=status.HTTP_201_CREATED,
    )


# =========================
# Login + JWT generation
# Express: jwt.sign()
# =========================
@api_view(["POST"])
def login(request):
    email = request.data.get("email")
    password = request.data.get("password")

    try:
        user = User.objects.get(email=email)
    except User.DoesNotExist:
        return Response({"error": "User not found"}, status=404)

    if not user.check_password(password):
        return Response({"error": "Invalid password"}, status=401)

    token = jwt.encode({"user_id": user.id}, settings.SECRET_KEY, algorithm="HS256")

    return Response({"token": token})


# =========================
# Protected route
# Express: app.get('/profile', authMiddleware)
# =========================
@api_view(["GET"])
@jwt_required
def profile(request):
    user = User.objects.get(id=request.user_id)

    return Response(
        {
            "id": user.id,
            "name": user.first_name,
            "email": user.email,
        }
    )