Usage
Basic
# permissions.py
from simple_django_api.exceptions import Forbidden
def author_required(view_cls):
    """Permission hook limiting a view method to the author of the blog `pk`.

    Args:
        view_cls: presumably the view class being protected; it is not used
            in the lines shown -- confirm against the library.
    """
    # NOTE(review): `inner` is never returned in this listing, so as written
    # author_required() evaluates to None. Presumably a trailing
    # `return inner` was lost from the example -- confirm before copying.
    def inner(request, pk=None):
        # The ownership decision is delegated entirely to user.is_author(pk).
        # pk defaults to None, so this only fails closed if is_author(None)
        # returns False; it also assumes request.user exposes is_author for
        # unauthenticated requests -- TODO confirm both.
        if not request.user.is_author(pk):
            # NOTE(review): this listing imports `Forbidden` but raises
            # `PermissionDenied`, which is not imported here. One of the two
            # names is stale; as shown the raise would fail with NameError
            # rather than produce a clean denial response.
            raise PermissionDenied(user_hint='only author has access to this blog')
from simple_django_api.views import APIView
from http import HTTPStatus
class BlogDetailView(APIView):
    """Blog detail endpoint whose PATCH handler is gated by author_required."""

    # Handler name -> permission. NOTE(review): the key is lower-case 'patch'
    # here while ProfileView on this page uses upper-case 'GET'; confirm which
    # casing the library matches, since a key that never matches would
    # presumably leave the handler unprotected.
    method_perms = {'patch': author_required}

    def patch(self, request, pk=None):
        """Handle PATCH for the blog `pk` and answer with an empty 204."""
        _ = request.data  # you can access request body via `.data` property
        # NOTE(review): APIResponse is not imported in the listing shown, and
        # this call passes `status=` while TokenView passes `status_code=`.
        empty_body = {}
        return APIResponse(empty_body, status=HTTPStatus.NO_CONTENT)
JWT
# settings.py
# Registers the library's JWT authentication middleware. The `...` line stands
# for the project's existing middleware entries; it is not literal Python.
MIDDLEWARE = (
...
'simple_django_api.jwt.middleware.AuthenticationMiddleware',
)
# Placeholder only -- do not ship this literal. Presumably this is the key the
# tokens are signed with (confirm in the library); if so, anyone who learns it
# can forge tokens. Use a long random value loaded from the environment or a
# secret store, and keep it out of version control.
API_JWT_SECRET_KEY = 'some key'
# 0.05 minutes is 3 seconds, so a token expires almost immediately. This looks
# like a demo value; pick a lifetime that fits the deployment.
API_JWT_EXPIRATION_MINUTES = 0.05
# views.py
from django.contrib.auth import authenticate
from simple_django_api.permissions import LoginRequired
from simple_django_api.views import APIView
from simple_django_api.jwt.auth import generate_token
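class TokenView(APIView):
    """Token endpoint: exchanges a username and password for a token."""

    def post(self, request):
        """Authenticate the posted credentials and return a token.

        Returns:
            A "created" response carrying ``{'token': ...}`` when
            ``authenticate`` accepts the credentials, otherwise a 400
            response with a generic error body.
        """
        # NOTE(review): APIResponse and HTTPStatus are used below but are not
        # imported in the views.py listing shown.
        # One generic body for every failure, so the response does not reveal
        # whether the username exists or which field was wrong.
        rejection = {'detail': 'invalid username or password'}

        try:
            username = request.data['username']
            password = request.data['password']
        except (KeyError, TypeError):
            # A missing field or a non-mapping body is client error: answer
            # with the same 400 instead of letting the exception escape as an
            # unhandled server error.
            return APIResponse(rejection, status_code=HTTPStatus.BAD_REQUEST)

        user = authenticate(request, username=username, password=password)
        if user is None:
            return APIResponse(rejection, status_code=HTTPStatus.BAD_REQUEST)

        # This view does no attempt limiting of its own; throttle repeated
        # failures in front of it (middleware or reverse proxy).
        return APIResponse.created({'token': generate_token(user)})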
class ProfileView(APIView):
    """Profile endpoint whose GET handler is gated by LoginRequired."""

    # Handler name -> permission. NOTE(review): the key is upper-case 'GET'
    # here while BlogDetailView on this page uses lower-case 'patch'; confirm
    # which casing the library matches.
    method_perms = {'GET': LoginRequired}

    def get(self, request):
        """Return the requesting user's username as a plain dict."""
        current_user = request.user
        return {'username': current_user.username}