Nik Tomazic
This article examines Django REST Framework, its pros and cons, and its alternatives, helping to answer the question Should I use Django REST Framework?.
Contents
What is Django REST Framework?
Django REST Framework (DRF) is a powerful open-source framework for building RESTful APIs. Due to its robustness, ease of use, and comprehensive feature set, it has become the de facto standard for building APIs with Django.
DRF's key features include:
- Routing
- Request/response handling
- Authorization and authentication
- Serialization and data validation
- Filtering, ordering, and more!
Additionally, the framework comes with a web browseable API, extensive documentation, and many third-party packages.
For more on DRF's features, review the Django REST Framework Basics article.
Pros and Cons
Django REST Framework is one of the most popular and endorsed Django packages, but it doesn't come without drawbacks.
Pros
Ease of Use
One of the best things about Django REST Framework is that it works out of the box. You simply run a pip install command, add the package to the installed apps, and you're good to start building your API.
The framework provides a solution to most common API building problems. Using it lets you focus on app-specific endpoints instead of reinventing the wheel. In fact, you can build a fully-fledged API in a few lines of code using the built-in serializers, view sets, and routers.
DRF excels in building generic CRUD (Create, Read, Update, Delete) APIs.
Mature and Battle-tested
Django REST Framework has been around for more than a decade. It's a mature and battle-tested framework. Over the years, it has been adopted by many companies, including some recognizable ones such as Mozilla, Red Hat, and Heroku.
Another great thing about DRF is that it's well thought out. It's based on a modular architecture, allowing you to swap out different components without too much hassle. For example, the permission system, authentication, or the serialization layer.
Plus, the framework aligns with Django's conventions. If you're familiar with Django, navigating through DRF's source code will be easy.
Secure
Django REST Framework helps you build less error-prone, more maintainable, and safer APIs.
The library conforms to a coding standard and forces you to do the same. This allows you to avoid common API building mistakes and makes onboarding new developers easier. Additionally, DRF comes with many built-in security features such as CSRF protection, data validation, and request throttling.
Huge Ecosystem
Django REST Framework integrates well with most popular Django extensions. On top of that, the framework has cultivated an enormous ecosystem of third-party packages.
What's more, DRF is backed by a massive community of developers. At the time of writing, django-rest-framework has more than 1.2k contributors on GitHub. If you ever get stuck, finding help should be easy.
Cons
Hard to Master
As introduced earlier, Django REST Framework is relatively easy to get started with. You can achieve practically anything by utilizing the basic API view class. However, the framework's true power lies in its CBVs and premade classes for serialization, view sets, routing, etc.
If you're new to DRF, it might take a while to wrap your head around them. But once you figure them out, you'll be able to cut your codebase in half and you'll end up with a much "cleaner" web app.
Performance Issues
Django REST Framework can slow down your web app due to the added overhead. The package is designed to make building APIs easy, not to be as performant as possible.
Its serialization process is relatively slow compared to other serialization libraries such as marshmallow and serpy (see the benchmarks). Even Tom Christie, the developer of DRF, mentioned that you should avoid using serializers in performance-critical views (source).
Another problem arises when serializing related fields. By default, DRF doesn't automatically optimize query sets passed to serializers in terms of select_related and prefetch_related. That makes it easy to introduce the N+1 problem.
Bad Separation of Concerns (SoC)
The serialization layer in DRF performs too much work. It's responsible for serialization, data validation, and model creation. Some codebases I've stumbled upon also include business logic in serializers.
This often results in developers writing duplicate validation code for their serializers and models. On top of that, it makes your code way more difficult to test.
Lack of New Features
At the current stage, the framework doesn't prioritize adding new features. All the commits are mostly refactorings and bug fixes. This can make DRF look a bit dated and limit its utility for some applications.
In my opinion, the framework lacks the following:
- A good authentication solution
- Asynchronous support (there's an open issue for it)
- WebSocket support
- Better nested serialization
All of these deficiencies can be addressed by using third-party packages. For example, dj-rest-auth for authentication, adrf for async support, and django-channels for web sockets. However, most of them feel too hacky.
Alternatives
Let's look at some great alternatives you should consider when starting your next project.
Django Ninja
Django Ninja is a web framework for building fast and production-ready APIs. The framework prioritizes speed and simplicity over conventional API structure. It's built on top of Starlette, which gives it excellent asynchronous capabilities.
The framework adheres to open standards for APIs, including OpenAPI (previously known as Swagger) and JSON Schema. This enables it to generate interactive API docs automatically.
Django Ninja is a fusion between Django and FastAPI. It gives you the best of both worlds: Django's admin site and ORM and FastAPI's type-hinted Pydantic models.
Pros
- Performant
- Type hints and Pydantic support
- Automatic docs generation
- Async support
Cons
- Not as feature-rich
- Limited extensibility
- Less popular
For more on Django Ninja, check out the Django and Pydantic article.
Django Tastypie
Django Tastypie is a minimalistic but flexible framework for building APIs. The framework provides serialization, authentication, caching, filtering, sorting, and basic security capabilities.
It operates on the basis of resources. You create a resource for your Django model, and Django Tastypie handles the rest. It automatically generates the serializer for it and manages the CRUD operations. It supports JSON, XML, and YAML formats.
Django Tastypie can be perfect for smaller projects that mostly require CRUD operations. By leveraging it, you'll get a nice little API-building interface while keeping everything Django has to offer.
Pros
- Flexible
- Easy to use
- Light-weight
Cons
- Lacking features
- Inappropriate for "complex" apps
- Still in beta (no full release yet)
- Less popular
FastAPI, Flask, and other frameworks
When considering whether to use Django REST Framework, it's important to also question whether you need Django in the first place. Does your project require any Django-specific features? Or are you using Django solely because you're comfortable with it?
Django might not be the best web framework for building APIs. There are several Python-based alternatives that are more appropriate. By leveraging them, you'll often get better performance, and they'll allow you to write more readable and less boilerplate code.
I suggest you check out the following three:
For more, check out Django vs. Flask: Which Framework to Choose.
Conclusion
Django REST Framework isn't required, but it definitely makes your life easier. It allows you to reuse chunks of code instead of reinventing the wheel. It also nudges you to write better, cleaner, and less error-prone code.
The framework's most significant downsides are the performance issues and lack of new features. Even though Django REST Framework isn't the fastest framework, it still makes sense to use it due to its extensive feature set. Most performance gains in web development can be achieved through proper caching and database layer optimization anyway.
If you want your API to be as performant as possible, you should experiment with FastAPI. The exemplary middle ground between Django and FastAPI is Django Ninja. Lastly, for simpler APIs, you might get away with Django Tastypie or Flask.
Future reading: