This repository contains the Django-powered REST API backend for the SecCodeSmith portfolio website. It provides endpoints for blog posts, project showcases, image properties, and static page content (About, Contact, Skills, Footer Links).
- About
- Features
- Tech Stack
- Requirements
- Quick Start
- Installation
- Configuration
- Running the Server
- Testing
- Code Quality
- Docker Support
- API Reference
- Contributing
- CI/CD Pipeline
- License
- Contact
SecCodeSmith Backend serves as the data layer for the portfolio site, supplying JSON over REST endpoints that the front-end consumes for dynamic content. The API is built with Django and Django REST Framework, providing a robust and scalable foundation for the portfolio website.
- π₯ Blog Posts: List, paginate, and count pages of blog entries
- π Project Showcase: List projects, view details, and filter by category
- πΌοΈ Image Properties: Serve metadata for portfolio images
- π Static Pages: Endpoints for About, Contact, Skills, and Footer Links content
- π CSRF Support: Retrieve CSRF tokens for secure front-end forms
- π¨βπΌ Admin Interface: Built-in Django admin at
/admin/ - π§ͺ Comprehensive Testing: Unit tests with pytest and Django TestCase
- π Code Quality: Automated linting, formatting, and security checks
- π³ Docker Support: Containerized deployment ready
- β‘ Caching: Redis-based caching for improved performance
- π Python 3.10+
- π Django 5.2.1
- π‘ Django REST Framework 3.16.0
- ποΈ PostgreSQL (Production) / SQLite (Development)
- π΄ Redis for caching
- π§ͺ pytest for testing
- π flake8, black, isort for code quality
- π‘οΈ bandit, safety for security scanning
- π³ Docker for containerization
- Python 3.10 or later
- pip (Python package installer)
- Redis (for caching)
- PostgreSQL (optional, for production)
Get up and running in less than 5 minutes:
Linux/macOS:
# Clone the repository
git clone https://github.com/SecCodeSmith/SecCodeSmith-backend.git
cd SecCodeSmith-backend
# Make script executable and setup
chmod +x dev.sh
./dev.sh setup
# Start the server
./dev.sh runserverWindows:
# Clone the repository
git clone https://github.com/SecCodeSmith/SecCodeSmith-backend.git
cd SecCodeSmith-backend
# Setup environment
dev.bat setup
# Start the server
dev.bat runserverUsing Make (Linux/macOS):
# Setup development environment
make setup
# Start the server
make runserverThe API will be available at http://127.0.0.1:8000/
This project includes convenient development scripts:
- Linux/macOS:
./dev.sh [command] - Windows:
dev.bat [command] - Make:
make [target](Linux/macOS only)
Available commands:
setup- Complete development environment setuptest- Run test suitelint- Run code quality checksformat- Format code with black and isortrunserver- Start Django development servermigrate- Run database migrationssecurity- Run security scans
git clone https://github.com/SecCodeSmith/SecCodeSmith-backend.git
cd SecCodeSmith-backendLinux/macOS:
python -m venv .venv
source .venv/bin/activateWindows:
python -m venv .venv
.venv\Scripts\activatepip install --upgrade pip
pip install -r requirements.txtCreate a .env file in the project root:
# Django Settings
SECRET_KEY=your_super_secret_key_here
DEBUG=True
ALLOWED_HOSTS=localhost,127.0.0.1
# Database (Optional - defaults to SQLite)
DATABASE_TYPE=sqlite # or 'pgsql' for PostgreSQL
DATABASE_USER=postgres
DATABASE_PASSWORD=your_password
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_NAME=seccodesmithbackend
# Redis (Optional - uses fakeredis for development)
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_DB=0
# Email (Optional)
EMAIL_HOST=smtp.gmail.com
EMAIL_USER=your_email@gmail.com
EMAIL_PASSWORD=your_app_password
EMAIL_USE_TLS=True
EMAIL_SMTP_PORT=587python manage.py migratepython manage.py createsuperuserThe project uses environment variables for configuration via django-environ. Create a .env file to override default settings:
SQLite (Default - Development):
DATABASE_TYPE=sqlitePostgreSQL (Production):
DATABASE_TYPE=pgsql
DATABASE_USER=postgres
DATABASE_PASSWORD=your_password
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_NAME=seccodesmithbackendDevelopment (FakeRedis): No configuration needed - uses in-memory caching.
Production (Redis):
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_DB=0
REDIS_PASSWORD=your_redis_passwordpython manage.py runserverThe API will be available at http://127.0.0.1:8000/
- API Root:
http://127.0.0.1:8000/api/ - Admin Panel:
http://127.0.0.1:8000/admin/ - Blog API:
http://127.0.0.1:8000/blog-api/ - Project API:
http://127.0.0.1:8000/project-api/ - Images API:
http://127.0.0.1:8000/img/
# Using pytest (recommended)
pytest
# Using Django test runner
python manage.py test# Test specific app
pytest api/test.py
# Test specific test class
pytest api/test.py::SkillCardsViewTests
# Test with verbose output
pytest -v
# Test with coverage
pytest --cov=.Tests are configured to use:
- In-memory SQLite database
- Local memory cache
- Isolated test environment
This project maintains high code quality through automated tools:
# Check code style
flake8 .
# Format code
black .
# Sort imports
isort .
# Run all checks
flake8 . && black --check . && isort --check-only .# Scan for security issues
bandit -r .
# Check for vulnerable dependencies
safety check# Build the image
docker build -t seccodesmithbackend .
# Run the container
docker run -p 8000:8000 seccodesmithbackend# Start all services
docker-compose up -d
# View logs
docker-compose logs -f
# Stop services
docker-compose downThis project is optimized for Visual Studio Code with comprehensive configuration:
- Open the workspace: Use
SecCodeSmith-backend.code-workspace - Install recommended extensions: VS Code will prompt you automatically
- Select Python interpreter: Choose
.venv/bin/pythonwhen prompted
- Debugging: Ready-to-use debug configurations for Django
- Testing: Integrated pytest runner with coverage
- Linting: Automated code quality checks
- Formatting: Auto-format on save with Black
- Tasks: One-click Django commands (F1 β "Tasks: Run Task")
Django: Run Server- Start development server with debuggingDjango: Run Tests- Run test suite with debuggingDjango: Shell- Open Django shell with debuggingDjango: Migrate- Run migrationsDjango: Make Migrations- Create new migrations
Access via Ctrl+Shift+P β "Tasks: Run Task":
- Django: Run Server
- Django: Run Tests (with coverage)
- Code Quality: Lint/Format
- Security: Scan with Bandit
- Install Dependencies
Base path: /api/
| Endpoint | Method | Description |
|---|---|---|
/api/csrf |
GET | Retrieve CSRF token |
/api/skills-cards |
GET | List skill cards for front-end display |
/api/about/ |
GET | Get content for the βAboutβ page |
/api/footer-links |
GET | List social/footer links |
/api/contact/ |
GET | Get content for the βContactβ page |
Base path: /blog-api/
| Endpoint | Method | Description |
|---|---|---|
/blog-api/post/ |
GET | List all blog posts |
/blog-api/count_pages/ |
GET | Retrieve total number of paginated pages |
/blog-api/post-page/?page=<n> |
GET | List posts on page <n> |
Base path: /project-api/
| Endpoint | Method | Description |
|---|---|---|
/project-api/projects/ |
GET | List all projects |
/project-api/projects/<id>/ |
GET | Get details for project with ID <id> |
/project-api/cat |
GET | List available project categories |
Base path: /img/
| Endpoint | Method | Description |
|---|---|---|
/img/Image/<id>/ |
GET | Retrieve properties (metadata) for image <id> |
We welcome contributions! Please follow these steps:
git clone https://github.com/your-username/SecCodeSmith-backend.git
cd SecCodeSmith-backendgit checkout -b feature/your-feature-namepython -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
pip install -r requirements.txt
python manage.py migrate# Run tests
pytest
# Check code quality
flake8 .
black --check .
isort --check-only .
# Run security checks
bandit -r .
safety checkgit add .
git commit -m "Add your descriptive commit message"
git push origin feature/your-feature-nameOpen a Pull Request on GitHub with:
- Clear description of changes
- Reference to any related issues
- Screenshots if applicable
- Follow PEP 8 (enforced by flake8)
- Use Black for code formatting
- Sort imports with isort
- Write comprehensive tests for new features
- Add docstrings for complex functions
- Keep line length under 127 characters
This project uses GitHub Actions for continuous integration and deployment:
Every push and pull request triggers:
π§ͺ Testing Pipeline:
- Tests on Python 3.10, 3.11, and 3.12
- PostgreSQL and Redis service containers
- Full test suite execution with pytest
- Django system checks
- Code coverage reporting with Codecov
π Code Quality Pipeline:
- Linting with flake8
- Code formatting check with black
- Import sorting check with isort
π‘οΈ Security Pipeline:
- Security vulnerability scanning with bandit
- Dependency vulnerability check with safety
- Semgrep static analysis
π€ AI-Powered Review Pipeline:
- GitHub Copilot code review on PRs
- Automated code suggestions and improvements
- Django-specific best practices analysis
- Performance optimization recommendations
- Type checking with mypy
π³ Docker Pipeline:
- Docker image build and test (on main branch)
The README includes badges showing:
- β CI/CD pipeline status
- π Python version compatibility
- π Django version
- π License information
- π Code coverage percentage
- π€ GitHub Copilot: Automated code review for PRs
- π‘ AI Suggestions: Performance and best practices recommendations
- π Code Analysis: Static analysis with pylint, mypy, and vulture
- π‘οΈ Security Scanning: Comprehensive security analysis
mainanddevelopbranches require:- Passing CI checks
- Code review approval
- Up-to-date branches
This project is licensed under the MIT License. See the LICENSE file for details.
- Issues: Report a Bug
- SecCodeSmith - contact@seccodesmith.pl
- Built with Django and Django REST Framework
- Testing powered by pytest
- Code quality ensured by Black, flake8, and isort
- Security scanning by Bandit and Safety
- CI/CD powered by GitHub Actions