In this chapter, we improved the REST API in many ways. We added unique constraints to the model and updated the database, we made it easy to update single fields with the PATCH method and we took advantage of pagination.

Then, we started working with authentication, permissions, and throttling. We added security-related data to the models and we updated the database. We made numerous changes in the different pieces of code to achieve a specific security goal and we took advantage of Django REST Framework authentication and permissions features.

Now that we have built an improved and complex API that takes into account authentication and uses permission policies, we will use additional abstractions included in the framework, we will add throttling and tests, which is what we are going to discuss in the next chapter.