This library includes various cross-cutting concerns related to APIs. API functionality added to this library must be required for multiple Open edX applications or multiple repositories.

Some of these concerns include extensions of Django REST Framework (DRF), which is how the repository initially got its name.

After a PR merges, a new version of the package will automatically be released by Travis when the commit is tagged. Use:

git tag -a X.Y.Z -m "Releasing version X.Y.Z"
git push origin X.Y.Z

Do not create a Github Release, or ensure its message points to the CHANGELOG.rst and ADR 0001-use-changelog.rst.

JWT Authentication is the preferred method of authentication for Open edX API endpoints. See JWT Authentication README for more details.

One feature of this library is a csrf app containing an API endpoint for retrieving CSRF tokens from the Django service in which it is installed. This is useful for frontend apps attempting to make POST, PUT, and DELETE requests to a Django service with Django's CSRF middleware enabled.

To make use of this API endpoint:

1. Install edx-drf-extensions in your Django project.
2. Add csrf.apps.CsrfAppConfig to INSTALLED_APPS.
3. Add 'edx_rest_framework_extensions.auth.jwt.middleware.JwtAuthCookieMiddleware' to MIDDLEWARE.
4. Add csrf.urls to urls.py.

The latest documentation for this repository can be found on Read the Docs

The code in this repository is licensed under Apache 2.0 unless otherwise noted.

Please see LICENSE.txt for details.

Contributions are very welcome.

Please read How To Contribute for details.

Please do not report security issues in public. Please email security@openedx.org.