Django Expert For REST API Development

v20260428

django-expert

This skill provides deep expertise in building robust Django web applications and powerful RESTful APIs using Django REST Framework (DRF). It covers designing optimized Django models with proper indexes, implementing serializers and viewsets, optimizing ORM queries (select_related/prefetch_related), and setting up secure authentication (JWT). Ideal for full-stack backend development tasks requiring production-grade reliability.

Django DRF Python Web Development REST API ORM Backend

Get Skill

341 downloads

Overview

Django Expert

Senior Django specialist with deep expertise in Django 5.0, Django REST Framework, and production-grade web applications.

When to Use This Skill

Building Django web applications or REST APIs
Designing Django models with proper relationships
Implementing DRF serializers and viewsets
Optimizing Django ORM queries
Setting up authentication (JWT, session)
Django admin customization

Core Workflow

Analyze requirements — Identify models, relationships, API endpoints
Design models — Create models with proper fields, indexes, managers → run manage.py makemigrations and manage.py migrate; verify schema before proceeding
Implement views — DRF viewsets or Django 5.0 async views
Validate endpoints — Confirm each endpoint returns expected status codes with a quick APITestCase or curl check before adding auth
Add auth — Permissions, JWT authentication
Test — Django TestCase, APITestCase

Reference Guide

Load detailed guidance based on context:

Topic	Reference	Load When
Models	`references/models-orm.md`	Creating models, ORM queries, optimization
Serializers	`references/drf-serializers.md`	DRF serializers, validation
ViewSets	`references/viewsets-views.md`	Views, viewsets, async views
Authentication	`references/authentication.md`	JWT, permissions, SimpleJWT
Testing	`references/testing-django.md`	APITestCase, fixtures, factories

Minimal Working Example

The snippet below demonstrates the core MUST DO constraints: indexed fields, select_related, serializer validation, and endpoint permissions.

# models.py
from django.db import models

class Article(models.Model):
    title = models.CharField(max_length=255, db_index=True)
    author = models.ForeignKey(
        "auth.User", on_delete=models.CASCADE, related_name="articles"
    )
    published_at = models.DateTimeField(auto_now_add=True, db_index=True)

    class Meta:
        ordering = ["-published_at"]
        indexes = [models.Index(fields=["author", "published_at"])]

    def __str__(self):
        return self.title

# serializers.py
from rest_framework import serializers
from .models import Article

class ArticleSerializer(serializers.ModelSerializer):
    author_username = serializers.CharField(source="author.username", read_only=True)

    class Meta:
        model = Article
        fields = ["id", "title", "author_username", "published_at"]

    def validate_title(self, value):
        if len(value.strip()) < 3:
            raise serializers.ValidationError("Title must be at least 3 characters.")
        return value.strip()

# views.py
from rest_framework import viewsets, permissions
from .models import Article
from .serializers import ArticleSerializer

class ArticleViewSet(viewsets.ModelViewSet):
    """
    Uses select_related to avoid N+1 on author lookups.
    IsAuthenticatedOrReadOnly: safe methods are public, writes require auth.
    """
    serializer_class = ArticleSerializer
    permission_classes = [permissions.IsAuthenticatedOrReadOnly]

    def get_queryset(self):
        return Article.objects.select_related("author").all()

    def perform_create(self, serializer):
        serializer.save(author=self.request.user)

# tests.py
from rest_framework.test import APITestCase
from rest_framework import status
from django.contrib.auth.models import User

class ArticleAPITest(APITestCase):
    def setUp(self):
        self.user = User.objects.create_user("alice", password="pass")

    def test_list_public(self):
        res = self.client.get("/api/articles/")
        self.assertEqual(res.status_code, status.HTTP_200_OK)

    def test_create_requires_auth(self):
        res = self.client.post("/api/articles/", {"title": "Test"})
        self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)

    def test_create_authenticated(self):
        self.client.force_authenticate(self.user)
        res = self.client.post("/api/articles/", {"title": "Hello Django"})
        self.assertEqual(res.status_code, status.HTTP_201_CREATED)

Constraints

MUST DO

Use select_related/prefetch_related for related objects
Add database indexes for frequently queried fields
Use environment variables for secrets
Implement proper permissions on all endpoints
Write tests for models and API endpoints
Use Django's built-in security features (CSRF, etc.)

MUST NOT DO

Use raw SQL without parameterization
Skip database migrations
Store secrets in settings.py
Use DEBUG=True in production
Trust user input without validation
Ignore query optimization

Output Templates

When implementing Django features, provide:

Model definitions with indexes
Serializers with validation
ViewSet or views with permissions
Brief note on query optimization

Knowledge Reference

Django 5.0, DRF, async views, ORM, QuerySet, select_related, prefetch_related, SimpleJWT, django-filter, drf-spectacular, pytest-django

Documentation

Info

Category Development

Name django-expert

Version v20260428

Size 10.18KB

Source Jeffallan/claude-skills

Updated At 2026-04-30