Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework)

Related tags

Security related resourcesAPI-Payload
Overview

Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework)

Yosh! If you are a django backend developer and have used the amazing utility toolkit for creating amazing APIs. You probably have come across the way django rest framework lets you return data by default. Not industry standard, if I may add.

So you serialize what object you want, and it serialized and you return it like so;

class GetPostsAPiView(APIView):

    def get(self, request):
        posts = Post.objects.all()
        post_serializer = PostSerializer(posts,  many=True)

        if post_serializer.is_valid():
            post_serializer.save()
            return Response(serializer.data)
        
        else:
            return Response(serializer.errors)


# OUTPUT
-----------
- success response
{
    'title': 'First blog post', 
    'content': 'Lorem ipsume content', 
    'author': 1
}

- error response
{
    ['title']: 'field is required'
}

Does the above ouput makes sense to you? I mean, it clearly doesn't help the frontend devs, trying putting yourself in their shoes. Imagine the dev is trying to check for the status code in the data been outputted, and the above is what the developer got. Dang! Extra work, right? I happen to work with a mobile developer, and he changed the way I build APIs. So instead of the above way, what do you think of this;

from module import success_response, error_response


class GetPostsAPiView(APIView):

    def get(self, request):
        posts = Post.objects.all()
        post_serializer = PostSerializer(posts,  many=True)

        if post_serializer.is_valid():
            post_serializer.save()

            payload = success_response(
                status="200 ok",
                message="All the posts don come, chief!"
                data=serializer.data
            )
            return Response(data=payload)
        
        else:
            payload = error_response(
                status="400 bad request",
                message="Something went wrong, chief! Try again sometime"
            )
            return Response(data=payload)


# OUTPUT
-----------
- success response
{
    'status': '200 ok', 
    'message':'All the posts don come, chief!', 
    'data': {'title': 'First blog post', 'content': 'Lorem ipsume content', 'author': 1}'
}

- error response
{
    'status': '400 bad request',
    'message': 'Ahh, chief, nothing dey here oooo!',
    'data': {['title']: 'field is required'}
}

What do you think about the above? Pretty neat and industry standard, right? Installing the package is pretty is easy, fam. Here's how to:

pip install rest-api-payload

In the file (.py) that you wish to use it, import it.

from rest_api_payload import success_response, error_response

And that's all, you can begin calling the function and passing arguments!


Contribute

All contributions are welcome:

  • Read the issues, Fork the project and do a Pull Request.
  • Request a new topic creating a New issue with the enhancement tag.
  • Find any kind of errors in the README and create a New issue with the details or fork the project and do a Pull Request.
  • Suggest a better or more pythonic way for existing examples.
You might also like...
Dumps the payload.bin image found in Android update images.
Dumps the payload.bin image found in Android update images.

payload dumper Dumps the payload.bin image found in Android update images. Has significant performance gains over other tools due to using multiproces

Rasmus 7 Nov 17, 2022
PyFUD - Fully Undetectable payload generator for metasploit

PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host

null 3 Mar 25, 2022
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user

KIEN HOANG 17 Nov 9, 2022
A guide to building basic malware in Python by implementing a keylogger application
A guide to building basic malware in Python by implementing a keylogger application

Keylogger-Malware-Project A guide to building basic malware in Python by implementing a keylogger application. If you want even more detail on the Pro

Noah Davis 1 Jan 11, 2022
pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel
pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this

</oNion 181 Jan 2, 2023
Repository for a project of the course EP2520 Building Networked Systems Security

EP2520_ACME_Project Repository for a project of the course EP2520 Building Networked Systems Security in Royal Institute of Technology (KTH), Stockhol

null 1 Dec 11, 2021
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 8, 2022
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them

An amazing application that will help us manage our passwords and even generate new passwords for us.

null 1 Jan 23, 2022
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for

Black Lantern Security 35 Oct 25, 2022
Releases(v0.0.6)
Owner
Abram (^o^)
A shadow that works behind the curtain(s), working all round the clock- to take care of a system backend infrastructure. I build with Python, and I love anime.
Abram (^o^)
GitHub Repository
Anti Supercookie - Confusing the ISP & Escaping the Supercookie

Confusing the ISP & Escaping the Supercookie

Baris Dincer 2 Nov 22, 2022
Keystroke logging, often referred to as keylogging or keyboard capturing

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware

Harsha G 2 Jan 11, 2022
一款Web在线自动免杀工具

一款利用加载器以及Python反序列化绕过AV的在线免杀工具 因为打包方式的局限性,不能跨平台,若要生成exe格式的只能在Windows下运行本项目 打包速度有点慢,提交后稍等一会 开发环境及运行 前端使用Bootstrap框架,后端使用Django框架 。

yhy 172 Nov 28, 2022
Python HDFS client

Python HDFS client Because the world needs yet another way to talk to HDFS from Python. Usage This library provides a Python client for WebHDFS. NameN

Jing Wang 82 Dec 28, 2022
Windows Stack Based Auto Buffer Overflow Exploiter

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.

Himanshu Shukla 19 Dec 22, 2022
A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Muhammad Hamza 3 Dec 06, 2021
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

Podalirius 48 Dec 03, 2022
This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

Mystic 2 Aug 31, 2022
Implementation of an attack on a tropical algebra discrete logarithm based protocol

Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop

3 Dec 30, 2021
自动化爆破子域名,并遍历所有端口寻找http服务,并使用crawlergo、dirsearch、xray等工具扫描并集成报告;支持动态添加扫描到的域名至任务;

AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告; 工具目前有:oneforall、masscan、nmap、crawlergo、dirse

633 Dec 30, 2022
Remote control your Greenbone Vulnerability Manager (GVM)

Greenbone Vulnerability Management Tools The Greenbone Vulnerability Management Tools gvm-tools are a collection of tools that help with remote contro

Greenbone 130 Dec 17, 2022
Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Manish Jalui 4 Sep 29, 2021
Gitlab RCE - Remote Code Execution

Gitlab RCE - Remote Code Execution RCE for old gitlab version = 11.4.7 & 12.4.0-12.8.1 LFI for old gitlab versions 10.4 - 12.8.1 This is an exploit f

153 Nov 09, 2022
Open-source keylogger write in python

Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in

Dio brando 4 Jan 15, 2022
APKLeaks - Scanning APK file for URIs, endpoints & secrets.

APKLeaks - Scanning APK file for URIs, endpoints & secrets.

dw1 3.5k Jan 09, 2023
Vulnerability Exploitation Code Collection Repository

Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2

0x0021h 263 Feb 14, 2022
A simple multi-threaded distributed SSH brute-forcing tool written in Python.

OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi

K4YT3X 408 Jan 03, 2023
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
Natas teaches the basics of serverside web-security.

over-the-wire-natas Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.nata

Siddhant Chouhan 1 Nov 27, 2021
A Python Scanner for log4j

log4j-Scanner scanner for log4j cat web-urls.txt | python3 log4j.py ID.burpcollaborator.net web-urls.txt http://127.0.0.1:8080 https://www.google.c

Ihebski 5 Jun 26, 2022