Hi, i need to do a rest api server in DJango Rest Framework, with only 1 GET method to query one table in a legacy database. This db is not mine and the access is only to query (readonly). No admin or user management is necessary. Model was created with inspectdb and managed is false.
Is makemigrations/migrate necessary ? - Shoud i use a second SQLite db only to support the tables generated by DJango ?, or using only this legacy db without the extra django tables is ok ?
Absolutely not. It’s never required under any circumstances. It an available tool that you may choose to use, or not, as you see fit.
Yep. I do exactly this in a number of situations.
That’s an interesting question. My gut reaction to this is no, you need something. But without either auth or admin, I’m not entirely sure.
I know I can create a minimal app without any data being used, but that means pretty much getting rid of all middleware and other apps. I have no idea whether DRF would work in that environment or not.
(Side note: This is one of those situations where I’d consider using something other than Django.)
Exactly. Migrations is used to create tables to auth, session, and others, and to reflect our models too. The key is… if we don’t need manage our own models (tables), the other django tables can be ignored to ?
thanks
Yes, that is fundamentally true. But - you mentioned that this is a DRF-based project. Can you verify that there are no “django tables” that it needs? What about any other related components? That is the question.
If you run Django with no middleware and no installed apps other than your app, it will work without data. (In addition to no auth, this probably also means no sessions, no messages, and no security layer.) But once you start adding in other components, they need to be verified for that type of environment as well.
Some apps can’t be removed because Model is been used. No way. Maybe another local BD.
This way it works:
INSTALLED_APPS = [
#‘django.contrib.admin’,
‘django.contrib.auth’,
‘django.contrib.contenttypes’,
#‘django.contrib.sessions’,
‘django.contrib.messages’,
‘django.contrib.staticfiles’,
‘rest_framework’,
‘aniversario.apps.AniversarioConfig’
]
MIDDLEWARE = [
#‘django.middleware.security.SecurityMiddleware’,
#‘django.contrib.sessions.middleware.SessionMiddleware’,
#‘django.middleware.common.CommonMiddleware’,
#‘django.middleware.csrf.CsrfViewMiddleware’,
#‘django.contrib.auth.middleware.AuthenticationMiddleware’,
#‘django.contrib.messages.middleware.MessageMiddleware’,
#‘django.middleware.clickjacking.XFrameOptionsMiddleware’,
]
some contrib like auth and contenttypes are required by Model
Thanks again
I wouldn’t remove some of the security middlewares, they won’t issue any db queries
I was thinking about that myself, but I’m wondering what the risk is in a true “read-only” situation. For example, if you’re never accepting a POST request, then CSRF doesn’t apply.
Each of those would need to be evaluated on a case-by-case basis.
Ok. I can let all enabled, and all apps to, no problem since migrate never be apply. The Rest API is running well in development env this way (enabled or not). The point is: Can i deploy it to production env ? What error could be caused by absent of django autogenerated tables to a DRF readonly app ? I’m a novice Django dev
The most likely issue that I would see would be a reference to the ContentType model. It’s possible that DRF could access that when identifying foreign key references. (There may be others, but this is the first possibility that comes to mind.)
I had used a new SQLite3 database to DJango tables, and let legacy table db apart. The migrate was done. It works and i will follow this way. Thanks to all !!!