A comprehensive Django REST API backend for managing hackathons, teams, projects, and judging processes.
- User Management: Registration, authentication, profiles with JWT tokens
- Hackathon Management: Create, manage, and organize hackathons
- Team Formation: Create teams, invite members, manage participation
- Project Submission: Submit projects with GitHub links, demos, and presentations
- Judging System: Multi-criteria scoring with detailed reviews
- Organization Management: Handle hackathon organizing entities
- Media Upload: Cloudinary integration for file uploads
- API Documentation: Auto-generated Swagger/OpenAPI documentation
vortexis_backend/
βββ accounts/ # User authentication, profiles, permissions
βββ hackathon/ # Hackathon models, themes, rules, prizes
βββ team/ # Team management and member operations
βββ project/ # Project models and submissions
βββ organization/ # Organization management
βββ social_auth/ # Google OAuth integration
- User: Custom user model with roles (participant, organizer, judge)
- Hackathon: Main hackathon entity with themes, rules, and prizes
- Team: Team formation with member management
- Project: Project submissions with GitHub and demo links
- Submission: Links projects to hackathons for judging
- Review: Multi-criteria scoring system for judges
- Python 3.13+
- pip
- Virtual environment
- Clone the repository
git clone <repository-url>
cd vortexis-backend- Create and activate virtual environment
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate- Install dependencies
pip install -r requirements.txt- Environment Configuration
cp .env.example .env
# Edit .env with your configuration- Database Setup
python manage.py makemigrations
python manage.py migrate- Create Superuser
python manage.py createsuperuser- Run Development Server
python manage.py runserverCopy .env.example to .env and configure:
# Django Settings
SECRET_KEY=your-secret-key-here
DEBUG=True
ALLOWED_HOSTS=localhost,127.0.0.1
# Security
CORS_ALLOW_ALL_ORIGINS=True
CORS_ALLOWED_ORIGINS=http://localhost:3000
# Email Configuration
EMAIL_HOST_USER=your-email-user
EMAIL_HOST_PASSWORD=your-email-password
# Social Auth
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
# Cloudinary (Optional)
USE_CLOUDINARY=False
CLOUDINARY_CLOUD_NAME=your-cloud-name
CLOUDINARY_API_KEY=your-api-key
CLOUDINARY_API_SECRET=your-api-secret- JWT authentication with refresh tokens
- CORS configuration for frontend integration
- Security headers (XSS protection, content type nosniff)
- HTTPS enforcement in production
- Secure cookie settings
POST /api/v1/auth/register/- User registrationPOST /api/v1/auth/login/- User loginPOST /api/v1/auth/verify/- Email verificationPOST /api/v1/auth/google/- Google OAuth login
GET /api/v1/hackathon/- List hackathonsPOST /api/v1/hackathon/create/- Create hackathonGET /api/v1/hackathon/{id}/- Get hackathon detailsPOST /api/v1/hackathon/{id}/register/- Register team for hackathon
GET /api/v1/team/teams/- List teamsPOST /api/v1/team/teams/- Create teamGET /api/v1/team/teams/{id}/- Get team detailsPUT /api/v1/team/teams/{id}/- Update teamPOST /api/v1/team/teams/{id}/add_member/- Add team memberPOST /api/v1/team/teams/{id}/remove_member/- Remove team member
GET /api/v1/project/projects/- List projectsPOST /api/v1/project/projects/- Create projectGET /api/v1/project/projects/{id}/- Get project detailsPUT /api/v1/project/projects/{id}/- Update project
- Swagger UI:
/swagger/- Interactive API documentation - ReDoc:
/redoc/- Alternative documentation interface
Run the basic functionality tests:
python test_basic.pyCheck Django configuration:
python manage.py check- JWT tokens with configurable expiration
- Role-based permissions (Participant, Organizer, Judge, Admin)
- Secure password validation
- Input validation on all endpoints
- SQL injection prevention through Django ORM
- XSS protection with security headers
- CSRF protection for forms
- Environment-based configuration
- Secure secret key management
- HTTPS enforcement
- Security headers configuration
- Set
DEBUG=Falsein production - Configure proper
ALLOWED_HOSTS - Set up database (PostgreSQL recommended)
- Configure static file serving
- Set up media file handling (Cloudinary recommended)
- Web Server: Nginx
- WSGI Server: Gunicorn
- Database: PostgreSQL
- Media Storage: Cloudinary
- Deployment: Docker, AWS, or Heroku
β
Fixed duplicate endpoints in Swagger documentation
β
Converted team views to ViewSets with DRF routers
β
Consistent URL patterns across all apps
β
Proper serializer organization
β
Environment-based configuration with python-decouple
β
Secure CORS settings
β
Security headers implementation
β
Production-ready settings separation
β
Removed circular imports between apps
β
Consistent error handling
β
Proper permissions and authentication
β
Clean separation of concerns
β
Cloudinary integration for scalable media storage
β
Fallback to local storage for development
β
Secure file upload handling
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests for new functionality
- Submit a pull request
This project is licensed under the MIT License.
For support and questions:
- Create an issue in the repository
- Contact the development team
- Check the documentation at
/swagger/
Vortexis - Empowering hackathon communities with robust management tools.