A simple backend MVP for managing products and their reviews using Django + Django REST Framework.
- User registration and token-based authentication
- Admins can create, update, and delete products
- Regular users can post one review per product
- All users can view product details and aggregated ratings
- Role-based permission control (Admin vs Regular User)
git clone <repo_url>
cd pfact
python -m venv env
source env/bin/activate # or env\Scripts\activate on Windows
pip install -r requirements.txt
python manage.py migrate
python manage.py createsuperuser
python manage.py runserverWe use token authentication.
POST /api/auth/register/
{
"username": "john",
"password": "password123",
"is_staff": false
}POST /api/auth/login/
{
"username": "john",
"password": "password123"
}Response:
{
"token": "abcd1234...",
"user_id": 1,
"username": "john",
"is_staff": false
}Use the token in headers:
Authorization: Token abcd1234...
POST /api/products/
{
"name": "iPhone 15",
"description": "Latest iPhone model.",
"price": 999.99
}GET /api/products/
GET /api/products/<id>/
Response:
{
"id": 1,
"name": "iPhone 15",
"description": "Latest iPhone model.",
"price": "999.99",
"average_rating": 4.5,
"reviews": [
{
"id": 3,
"product": 1,
"user": 5,
"rating": 5,
"feedback": "Amazing!"
}
]
}PUT /api/products/<id>/
DELETE /api/products/<id>/
POST /api/reviews/
{
"product": 1,
"rating": 4,
"feedback": "Very good product!"
}
⚠️ Each user can submit only one review per product.
GET /api/reviews/
Handled via ProductSerializer.reviews inside GET /api/products/<id>/
| Role | Can Add Products | Can Review Products | Can View |
|---|---|---|---|
| Admin | ✅ | ❌ | ✅ |
| Regular User | ❌ | ✅ | ✅ |
| Anonymous | ❌ | ❌ | ✅ |
curl -X POST http://localhost:8000/api/auth/register/ \
-H "Content-Type: application/json" \
-d '{"username":"john", "password":"pass123", "is_staff": false}'curl -X POST http://localhost:8000/api/auth/login/ \
-H "Content-Type: application/json" \
-d '{"username":"john", "password":"pass123"}'- Python 3.x
- Django 4.x
- Django REST Framework
- Token Authentication
MIT