我强烈推荐使用 django-tastypie 用于服务器到客户端的通信.我在服务器到服务器或服务器到客户端的许多应用程序中都使用过它.这允许您应用 django 安全性以及有关授权过程的更多逻辑.它还提供开箱即用的功能:

I would strongly recommend using django-tastypie for server to client communication. I have used it in numerous applications both server to server or server to client. This allows you to apply the django security as well as some more logic regarding the authorization process. It offers also out of the box:

• 节流
• json、xml 等格式的序列化
• 身份验证(基本、apikey、自定义和其他)
• 验证
• 授权
• 分页
• 缓存

因此，作为一个总体概述，我建议构建这样一个框架，使您的内部 api 在未来的扩展中更具互操作性且更安全.

So, as an overall overview i would suggest on building on such a framework that would make your internal api more interoperable for future extensions and more secure.

现在具体回答您的问题，如果没有至少一些基本的身份验证/授权，我将永远不会启用任何服务器 API.

To specifically now answer your question, i would never enable any server api without at least some basic authentication/authorization.

希望我能回答您关于如何使用框架解决上述所有问题的问题.

Hopefully i answer your questions on how you can deliver all of your above worries with a framework.

您要求的 django-rest-framework 也非常先进且易于使用，但出于我解释的原因，我更喜欢美味派.

The django-rest-framework that you ask for, is also really advanced and easy to use, but i prefer tastypie for the reasons i explain.

希望能帮到你！