Django REST Framework (DRF) Interview Preparations (Questions and Answers)

1. What is Django REST Framework?

Django REST Framework (DRF) is a powerful and flexible toolkit for building Web APIs in Django. It simplifies the creation of RESTful services by providing serializers, authentication, and request handling.

2. What is a REST API?

REST (Representational State Transfer) API is a web service that follows REST principles like statelessness, client-server architecture, and resource-based URLs.

3. Why use DRF?

DRF provides features like serialization, authentication, browsable API, and easy integration with Django ORM.

4. What is serialization?

Serialization is the process of converting complex data types like Django models into JSON format.

5. What is a serializer in DRF?

Serializer converts Django model instances into JSON and validates incoming data.

6. Difference between Serializer and ModelSerializer?

Serializer requires manual field definitions, while ModelSerializer automatically generates fields based on the model.

7. What is parsing in DRF?

Parsing is converting incoming request data into Python data types.

8. What are renderers?

Renderers convert Python data into formats like JSON or XML for responses.

9. What is Request object in DRF?

DRF extends Django’s HttpRequest to include features like data parsing and authentication.

10. What is Response object?

Response is used to return API responses with proper content type and status code.

11. What are APIView?

APIView is a class-based view in DRF that provides more control over request handling.

12. What are Generic Views?

Generic views provide reusable logic like ListCreateAPIView, RetrieveUpdateDestroyAPIView.

13. What are ViewSets?

ViewSets combine logic for multiple views (list, create, retrieve) into one class.

14. Difference between APIView and ViewSet?

APIView gives full control, ViewSet reduces code using predefined actions.

15. What is Router?

Router automatically generates URL patterns for ViewSets.

16. What are function-based views in DRF?

They are simple views decorated with @api_view.

17. What is @api_view decorator?

It converts a function-based view into a DRF-compatible API view.

18. What is mixins in DRF?

Mixins provide reusable functionality like create, update, delete.

19. What is ListAPIView?

Used to display a list of objects.

20. What is CreateAPIView?

Used to create new records.

21. What is authentication?

Authentication verifies the identity of a user.

22. Types of authentication in DRF?

SessionAuthentication, TokenAuthentication, JWT Authentication.

23. What is Token Authentication?

It uses a token instead of username/password for authentication.

24. What is JWT?

JSON Web Token is a secure way to transmit information between client and server.

25. What are permissions?

Permissions control access to API resources.

26. Types of permissions?

AllowAny, IsAuthenticated, IsAdminUser, IsAuthenticatedOrReadOnly.

27. What is IsAuthenticated?

Allows access only to authenticated users.

28. What is IsAdminUser?

Allows access only to admin users.

29. What is custom permission?

User-defined permission logic.

30. What is throttling?

Limits the number of API requests a user can make.

31. What is validation?

Ensures data correctness before saving.

32. What is field-level validation?

Validation applied to individual fields.

33. What is object-level validation?

Validation across multiple fields.

34. What is read_only field?

Field that cannot be modified.

35. What is write_only field?

Field used only for input, not output.

36. What is nested serializer?

Serializer within another serializer.

37. What is depth in serializer?

Controls how deep relationships are serialized.

38. What is HyperlinkedModelSerializer?

Uses hyperlinks instead of primary keys.

39. What is SerializerMethodField?

Custom method to add dynamic fields.

40. What is partial update?

Updating only specific fields using PATCH.

41. What is pagination?

Breaking large data into smaller chunks.

42. Types of pagination?

PageNumberPagination, LimitOffsetPagination, CursorPagination.

43. What is filtering?

Restricting results based on query parameters.

44. What is ordering?

Sorting API results.

45. What is search filter?

Allows searching data using keywords.

46. What is versioning?

Managing API versions.

47. What is API testing?

Testing endpoints using tools like Postman.

48. What is status codes?

HTTP response codes like 200, 404, 500.

49. What is CORS?

Cross-Origin Resource Sharing allows API access from different domains.

50. What is CSRF?

Security protection against unauthorized requests.

51. What is caching in DRF?

Caching stores API responses temporarily to improve performance and reduce database load.

52. Types of caching?

Per-view caching, template caching, low-level caching using Django cache framework.

53. What is throttling class?

Defines rate limits for API requests to prevent abuse.

54. What is ScopedRateThrottle?

Allows different rate limits for different API endpoints.

55. What is API versioning?

Strategy to manage different versions of an API without breaking existing clients.

56. Types of versioning?

URLPathVersioning, NamespaceVersioning, HeaderVersioning.

57. What is content negotiation?

Determines response format (JSON, XML) based on client request.

58. What is metadata in DRF?

Provides information about API endpoints such as allowed methods and fields.

59. What is schema generation?

Automatically generates API documentation structure.

60. What is OpenAPI?

A specification for defining REST APIs used for documentation.

61. What is Swagger?

A tool to visualize and interact with API documentation.

62. What is Redoc?

Another tool for rendering API documentation.

63. What is testing in DRF?

Testing APIs using tools like APITestCase or APIClient.

64. What is APIClient?

A DRF tool for simulating API requests in tests.

65. What is APITestCase?

A class for writing test cases for APIs.

66. What is force_authenticate?

Used in tests to bypass authentication.

67. What is signals in Django?

Signals allow certain senders to notify receivers when actions occur.

68. What is pre_save signal?

Triggered before saving a model instance.

69. What is post_save signal?

Triggered after saving a model instance.

70. What is middleware?

Middleware processes requests and responses globally.

71. What is custom middleware?

User-defined middleware for custom logic.

72. What is deployment?

Process of making API available on production server.

73. Tools for deployment?

Gunicorn, Nginx, Docker.

74. What is Gunicorn?

A Python WSGI HTTP server for running Django apps.

75. What is Nginx?

A web server used as reverse proxy for serving APIs.

76. What is Docker?

A containerization tool for packaging applications.

77. What is CI/CD?

Continuous Integration and Continuous Deployment automation.

78. What is logging?

Recording API events and errors.

79. What is exception handling?

Managing errors in API responses.

80. What is custom exception?

User-defined error handling logic.

81. What is API security?

Protecting APIs from attacks like SQL injection and XSS.

82. What is HTTPS?

Secure communication protocol using SSL/TLS.

83. What is rate limiting?

Restricting API usage to avoid abuse.

84. What is pagination performance?

Improves efficiency when handling large datasets.

85. What is database optimization?

Using select_related, prefetch_related for better performance.

86. What is select_related?

Fetches related objects using SQL JOIN.

87. What is prefetch_related?

Fetches related objects in separate queries.

88. What is bulk operations?

Performing multiple database operations in one query.

89. What is async support in Django?

Handling asynchronous requests for better performance.

90. What is WebSockets?

Allows real-time communication between client and server.

91. What is Django Channels?

Used for handling WebSockets in Django.

92. What is API rate throttling?

Controlling request rate per user or IP.

93. What is JSON Web Token structure?

Header, Payload, Signature.

94. What is refresh token?

Used to generate new access tokens.

95. What is access token?

Used to access protected APIs.

96. What is serialization performance?

Optimizing serializer usage for faster responses.

97. What is DRF best practice?

Use serializers, viewsets, authentication, pagination properly.

98. What is microservices architecture?

Breaking application into small independent services.

99. What is monolithic architecture?

Single unified application structure.

100. What is DRF used for in real-world?

Used for building scalable APIs for web and mobile apps.