I haven’t spent that much time on github until recently. Poking around there led me to create my first project repository and put in up for anyone to use: django-apikey. (The original post/announcement can be read here: “django-apikey — Key Based Authorization For RESTful Django Applications”)
It quickly got some feedback, all of which was very useful. One commenter suggested making some unit tests for the code, which forced me to learn how to write test cases for Django. Another person forked the code and made the stylistic changes to make it compliant with PEP 8.
Based on the feedback, I added test cases and changed the method I used for the key generation. It now uses a salt to generate the key, instead of trying to make a random key and hoping that it was unique (and looping until the randomly generated key was, in fact, unique).
Also, I removed the requirements for certain methods to be implemented in the User profile class, and instead made a django-apikey specific profile (ApiKeyProfile) that has a one-to-one relationship with the User object. It still requires the use of django.contrib.auth, but I’m not sure if that’s necessarily a bad thing.
I checked in all the changes, made sure it passes the unit tests and bumped the version up to 0.2.0.
Leave a Reply