{ "schemaVersion": "1.0", "item": { "slug": "drf", "name": "Django REST Framework", "source": "tencent", "type": "skill", "category": "开发巄具", "sourceUrl": "https://clawhub.ai/pradeepcep/drf", "canonicalUrl": "https://clawhub.ai/pradeepcep/drf", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/drf", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=drf", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/drf" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/drf", "agentPageUrl": "https://openagent3.xyz/skills/drf/agent", "manifestUrl": "https://openagent3.xyz/skills/drf/agent.json", "briefUrl": "https://openagent3.xyz/skills/drf/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Django REST Framework", "body": "This skill details how to generate, configure, and enhance REST APIs using Django + Django REST Framework (DRF). It includes instructions on project setup, API structure, serializers, viewsets, routing, authentication, performance optimization, testing, and common pitfalls." }, { "title": "Overview", "body": "Use this skill when you:\n\nStart a Django + Django REST Framework (DRF) project\nWork on a Django project that uses Django REST Framework (DRF)\nWork on a Python project that lists djangorestframework in its requirements.txt or pyproject.toml\nCreate REST API endpoints in a Django project\nAdd, modify, or apply best practices for serializers, views, viewsets, permissions, authentication, pagination, filtering in a Django project\nOptimize database queries and API performance in a Django project" }, { "title": "1. Create & Activate Virtual Environment", "body": "python3 -m venv .venv\nsource .venv/bin/activate\npip install django djangorestframework\ndjango-admin startproject project ." }, { "title": "2. Create an App", "body": "python manage.py startapp [appname or \"api\"]" }, { "title": "3. Configure Django REST Framework", "body": "Add to settings.py:\n\nINSTALLED_APPS = [\n \"rest_framework\",\n appname or \"api\",\n]\n\nREST_FRAMEWORK = {\n \"DEFAULT_PERMISSION_CLASSES\": [\n \"rest_framework.permissions.IsAuthenticated\",\n ],\n \"DEFAULT_RENDERER_CLASSES\": [\n \"rest_framework.renderers.JSONRenderer\",\n ],\n \"DEFAULT_FILTER_BACKENDS\": [\n \"django_filters.rest_framework.DjangoFilterBackend\",\n ],\n \"DEFAULT_PAGINATION_CLASS\": \"rest_framework.pagination.LimitOffsetPagination\",\n \"PAGE_SIZE\": 10,\n}" }, { "title": "Serializers", "body": "Prefer ModelSerializer to reduce boilerplate.\nKeep serializers focused on validation and representation.\nUse separate serializers for:\n\nlist vs detail\nread vs write\npublic vs internal APIs\n\n\nAdd serializers to a serializers.py file inside the appropriate Django app\n\nExample:\n\n# File: accounts/serializers.py\nclass UserSerializer(serializers.ModelSerializer):\n class Meta:\n model = User\n fields = [\"id\", \"username\", \"email\"]" }, { "title": "Views & ViewSets", "body": "Use ViewSet or ModelViewSet for standard CRUD APIs.\nOverride get_queryset() instead of filtering in the serializer.\nKeep views thin, and use features from DRF parent classes as much as possible\nAlways return responses in the configured format (fallback to json)\nAlways put views in the views.py file inside the appropriate Django app\n\nExample:\n\n# File: accounts/views.py\nclass UserViewSet(ModelViewSet):\n serializer_class = UserSerializer\n\n def get_queryset(self):\n return User.objects.filter(is_active=True)" }, { "title": "Routing", "body": "Use DRF routers for consistency and discoverability.\nAvoid deeply nested URLs unless strictly necessary.\nPut routers in a urls.py file inside the appropriate Django app\nMake sure the urls.py inside the Django app is included in the main urls.py\n\nExample:\n\n# File: accounts/urls.py\nrouter = DefaultRouter()\nrouter.register(\"users\", UserViewSet)\nurlpatterns = router.urls\n\nExample:\n\n# File: project/urls.py\n\nurlpatterns = [\n path(\"\", include(\"accounts.urls\")),\n]" }, { "title": "Authentication", "body": "Prefer stateless authentication for APIs.\nToken-based or JWT authentication is recommended.\nNever rely on session authentication for public APIs unless\nexplicitly required." }, { "title": "Permissions", "body": "Always define explicit permissions.\nDefault to secure (IsAuthenticated) rather than open.\nUse custom permission classes for fine-grained control.\nCreate custom permissions inside a permissions.py file inside the appropriate Django app.\n\nExample:\n\npermission_classes = [IsAuthenticated]" }, { "title": "Pagination", "body": "Always paginate list endpoints.\nAvoid returning unbounded querysets." }, { "title": "Filtering", "body": "Filter in get_queryset() using request parameters.\nValidate query params explicitly." }, { "title": "Throttling", "body": "Protect APIs from abuse:\n\nREST_FRAMEWORK = {\n \"DEFAULT_THROTTLE_CLASSES\": [\n \"rest_framework.throttling.AnonRateThrottle\",\n \"rest_framework.throttling.UserRateThrottle\",\n ],\n \"DEFAULT_THROTTLE_RATES\": {\n \"anon\": \"100/day\",\n \"user\": \"1000/day\",\n },\n}" }, { "title": "Query Optimization", "body": "Always inspect query counts in list views.\nUse select_related() for foreign keys.\nUse prefetch_related() for many-to-many and reverse relations.\n\nExample:\n\n# File: orders/views.py\ndef get_queryset(self):\n return Order.objects.select_related(\"customer\").prefetch_related(\"items\")" }, { "title": "Caching", "body": "Cache expensive read-heavy endpoints.\nUse Redis or Memcached.\nNever cache user-specific responses globally." }, { "title": "Testing", "body": "Write tests for:\n\nserializers\npermissions\nedge cases\n\n\nUse APITestCase and APIClient.\nTest both success and failure paths." }, { "title": "Bulky Views / Bulky Serializers", "body": "Avoid putting business logic inside:\n- serializers\n- views\n- permission classes\n\nInstead, use:\n- service modules\n- domain logic in models\n- reusable helper functions" }, { "title": "N+1 Query Problems", "body": "DRF does not optimize queries automatically. Missing\nselect_related() or prefetch_related() will silently destroy\nperformance." }, { "title": "Silent Security Bugs", "body": "Common mistakes:\n- Forgetting permission classes\n- Allowing unauthenticated access by default\n- Exposing writeable fields unintentionally\n- Exposing passwords or secret fields in response\n\nAlways audit:\n- serializer fields\n- permission classes\n- allowed HTTP methods" }, { "title": "Assuming Async Behavior", "body": "Django REST Framework is primarily synchronous.\n\nDo not assume:\n- async views improve performance automatically\n- background tasks belong in request/response cycles\n\nUse task queues (Celery etc.) for long-running work." }, { "title": "Example Commands", "body": "python manage.py makemigrations\npython manage.py migrate\npython manage.py createsuperuser\npython manage.py runserver" }, { "title": "šŸ“ References", "body": "Django documentation\nDjango REST Framework documentation\nReal-world production DRF patterns" } ], "body": "Django REST Framework\n\nThis skill details how to generate, configure, and enhance REST APIs using Django + Django REST Framework (DRF). It includes instructions on project setup, API structure, serializers, viewsets, routing, authentication, performance optimization, testing, and common pitfalls.\n\nOverview\n\nUse this skill when you:\n\nStart a Django + Django REST Framework (DRF) project\nWork on a Django project that uses Django REST Framework (DRF)\nWork on a Python project that lists djangorestframework in its requirements.txt or pyproject.toml\nCreate REST API endpoints in a Django project\nAdd, modify, or apply best practices for serializers, views, viewsets, permissions, authentication, pagination, filtering in a Django project\nOptimize database queries and API performance in a Django project\nStart a Project\n1. Create & Activate Virtual Environment\npython3 -m venv .venv\nsource .venv/bin/activate\npip install django djangorestframework\ndjango-admin startproject project .\n\n2. Create an App\npython manage.py startapp [appname or \"api\"]\n\n3. Configure Django REST Framework\n\nAdd to settings.py:\n\nINSTALLED_APPS = [\n \"rest_framework\",\n appname or \"api\",\n]\n\nREST_FRAMEWORK = {\n \"DEFAULT_PERMISSION_CLASSES\": [\n \"rest_framework.permissions.IsAuthenticated\",\n ],\n \"DEFAULT_RENDERER_CLASSES\": [\n \"rest_framework.renderers.JSONRenderer\",\n ],\n \"DEFAULT_FILTER_BACKENDS\": [\n \"django_filters.rest_framework.DjangoFilterBackend\",\n ],\n \"DEFAULT_PAGINATION_CLASS\": \"rest_framework.pagination.LimitOffsetPagination\",\n \"PAGE_SIZE\": 10,\n}\n\nCore Principles\nSerializers\nPrefer ModelSerializer to reduce boilerplate.\nKeep serializers focused on validation and representation.\nUse separate serializers for:\nlist vs detail\nread vs write\npublic vs internal APIs\nAdd serializers to a serializers.py file inside the appropriate Django app\n\nExample:\n\n# File: accounts/serializers.py\nclass UserSerializer(serializers.ModelSerializer):\n class Meta:\n model = User\n fields = [\"id\", \"username\", \"email\"]\n\nViews & ViewSets\nUse ViewSet or ModelViewSet for standard CRUD APIs.\nOverride get_queryset() instead of filtering in the serializer.\nKeep views thin, and use features from DRF parent classes as much as possible\nAlways return responses in the configured format (fallback to json)\nAlways put views in the views.py file inside the appropriate Django app\n\nExample:\n\n# File: accounts/views.py\nclass UserViewSet(ModelViewSet):\n serializer_class = UserSerializer\n\n def get_queryset(self):\n return User.objects.filter(is_active=True)\n\nRouting\nUse DRF routers for consistency and discoverability.\nAvoid deeply nested URLs unless strictly necessary.\nPut routers in a urls.py file inside the appropriate Django app\nMake sure the urls.py inside the Django app is included in the main urls.py\n\nExample:\n\n# File: accounts/urls.py\nrouter = DefaultRouter()\nrouter.register(\"users\", UserViewSet)\nurlpatterns = router.urls\n\n\nExample:\n\n# File: project/urls.py\n\nurlpatterns = [\n path(\"\", include(\"accounts.urls\")),\n]\n\nAuthentication & Permissions\nAuthentication\nPrefer stateless authentication for APIs.\nToken-based or JWT authentication is recommended.\nNever rely on session authentication for public APIs unless explicitly required.\nPermissions\nAlways define explicit permissions.\nDefault to secure (IsAuthenticated) rather than open.\nUse custom permission classes for fine-grained control.\nCreate custom permissions inside a permissions.py file inside the appropriate Django app.\n\nExample:\n\npermission_classes = [IsAuthenticated]\n\nPagination, Filtering & Throttling\nPagination\nAlways paginate list endpoints.\nAvoid returning unbounded querysets.\nFiltering\nFilter in get_queryset() using request parameters.\nValidate query params explicitly.\nThrottling\n\nProtect APIs from abuse:\n\nREST_FRAMEWORK = {\n \"DEFAULT_THROTTLE_CLASSES\": [\n \"rest_framework.throttling.AnonRateThrottle\",\n \"rest_framework.throttling.UserRateThrottle\",\n ],\n \"DEFAULT_THROTTLE_RATES\": {\n \"anon\": \"100/day\",\n \"user\": \"1000/day\",\n },\n}\n\nPerformance Best Practices\nQuery Optimization\nAlways inspect query counts in list views.\nUse select_related() for foreign keys.\nUse prefetch_related() for many-to-many and reverse relations.\n\nExample:\n\n# File: orders/views.py\ndef get_queryset(self):\n return Order.objects.select_related(\"customer\").prefetch_related(\"items\")\n\nCaching\nCache expensive read-heavy endpoints.\nUse Redis or Memcached.\nNever cache user-specific responses globally.\nTesting\nWrite tests for:\nserializers\npermissions\nedge cases\nUse APITestCase and APIClient.\nTest both success and failure paths.\nCommon Gotchas & Pitfalls\nBulky Views / Bulky Serializers\n\nAvoid putting business logic inside: - serializers - views - permission classes\n\nInstead, use: - service modules - domain logic in models - reusable helper functions\n\nN+1 Query Problems\n\nDRF does not optimize queries automatically. Missing select_related() or prefetch_related() will silently destroy performance.\n\nSilent Security Bugs\n\nCommon mistakes: - Forgetting permission classes - Allowing unauthenticated access by default - Exposing writeable fields unintentionally - Exposing passwords or secret fields in response\n\nAlways audit: - serializer fields - permission classes - allowed HTTP methods\n\nAssuming Async Behavior\n\nDjango REST Framework is primarily synchronous.\n\nDo not assume: - async views improve performance automatically - background tasks belong in request/response cycles\n\nUse task queues (Celery etc.) for long-running work.\n\nExample Commands\npython manage.py makemigrations\npython manage.py migrate\npython manage.py createsuperuser\npython manage.py runserver\n\nšŸ“ References\nDjango documentation\nDjango REST Framework documentation\nReal-world production DRF patterns" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/pradeepcep/drf", "publisherUrl": "https://clawhub.ai/pradeepcep/drf", "owner": "pradeepcep", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/drf", "downloadUrl": "https://openagent3.xyz/downloads/drf", "agentUrl": "https://openagent3.xyz/skills/drf/agent", "manifestUrl": "https://openagent3.xyz/skills/drf/agent.json", "briefUrl": "https://openagent3.xyz/skills/drf/agent.md" } }