Nested Serializer Fields Django Rest Framework

I tested it a little more and you should adjuste the code a little bit and you don´t need a UserSerializer for that case in ProvinceSerializer.

I don´t know your model but where did you get created_by-field? Is it a part of your model? If not it won´t work to change user to created_by as mentioned.

model

class Province(models.Model):
    province_uid = models.UUIDField()
    province_name = models.CharField(max_length=255)
    date_created = models.DateTimeField(auto_now_add=True)
    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)

serializer

class ProvinceSerializer(serializers.ModelSerializer):

    created_by = serializers.SerializerMethodField()

    class Meta:
        model = Province
        exclude = ['user']
        read_only_fields = ('id', 'province_uid', 'date_created')

    def get_created_by(self, obj):
        return {'first_name': obj.user.first_name, 'last_name': obj.user.last_name}

view

class TestView(views.APIView):

    def get(self, request):
        serializer = ProvinceSerializer(Province.objects.all(), many=True)
        return Response(data=serializer.data)

Mark the password field as write only.

class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        fields = ['first_name', 'last_name']
        extra_kwargs = {
                'password': {'write_only': True, 'required': False}
        }

Update:

You need to serialize created_by by providing UserSerializer else the depth=1 will populate all the data from foreign key relation.

Also not sure why you need many=True for user attribute in the ProvinceSerializer. Can only comment on it after seeing the models

class ProvinceSerializer(serializers.ModelSerializer):
    user = UserSerializer(many=True, read_only=True)
    created_by = UserSerializer(read_only=True)
    class Meta:
        model = Province
        fields = ['id', 'province_uid', 'province_name', 'date_created','created_by','user' ]
        read_only_fields = ('id','province_uid', 'date_created')
        depth = 1

Both the answers did exactly what I needed thank you so much Klim and MjZac, wish I could get you coffee. To anyone with a similar challenge, just pick any of the two and it will work. To answer Klims question, created_by is a foreign key of the User model. I have it as;

created_by = models.ForeignKey(User, verbose_name="Created By", on_delete=models.CASCADE, null=False)

in the Province model. Below are the serializers with one commented after testing solution:

class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        fields = ('first_name', 'last_name')
        read_only_fields = ('first_name', 'last_name')

# class ProvinceSerializer(serializers.ModelSerializer):
#     created_by = UserSerializer(read_only=True)
#     class Meta:
#         model = Province
#         fields = ['id', 'province_uid', 'province_name', 'date_created','created_by' ]
#         read_only_fields = ('id','province_uid', 'date_created','created_by')
#         depth = 1

class ProvinceSerializer(serializers.ModelSerializer):
    
    created_by = serializers.SerializerMethodField()

    class Meta:
        model = Province
        fields = ['id', 'province_uid', 'province_name', 'date_created','created_by' ]
        read_only_fields = ('id', 'province_uid', 'date_created')

    def get_created_by(self, obj):
        return {'first_name': obj.created_by.first_name, 'last_name': obj.created_by.last_name}

Notice I added read_only_fields on the UserSerializer because they required input on my Swagger UI, right now I am getting "created_by": {} on Swagger but I can live with that as I find ways of removing it completely. Happy coding and do stay safe.