Hacker News

A couple of reasons I switched to entirely REST-based apps:

In case you want to provide an API to other users who aren't going to be making native Django calls.

In case your app is going to be based on Backbone (which maps model endpoints to REST endpoints, to oversimplify things.)

In case you need to consume your app from a mobile app, or external site, or whatever.

In case you want to surface your data in any way without having to give read/write access to the database directly -- you can implement REST and API Token authentication that maps to users so that they can read and write to the data that they have access to, but no more.




>API Token authentication

Could you give some pointers/links about how this is done?

I have used REST internally with no authentication. But I am not sure how these can be exposed to outside in a secure manner.


If you wanted to restrict all API access to only logged-in users (to your Django app), it would be as easy as this:

  from tastypie.authorization import DjangoAuthorization
and then in your 'Meta' class for each resource, you'd specify the following:

  authorization = DjangoAuthorization()
That's step one. To go further, and limit access to resources per user, so that they can only access the things they should have access to (according to Django permissions), you'd simply use 'apply_authorization_limits' to narrow the query object to what the user should have access to. So, if your default query looks like

  queryset = Resource.objects.all()
You could filter that down in your apply_authorization_limits method to something like this:

  def apply_authorization_limits(self, request, object_list):
    # return the narrowed list; without the return nothing is filtered
    return object_list.filter(user=request.user)
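The two layers in the reply above (token authentication that maps a request to a user, then authorization that narrows the object list to that user's rows) as an added, framework-free example. This is not tastypie's or Django's code: the `User`, `Note` and `ApiKeyStore` classes are in-memory stand-ins for the Django `User` and tastypie `ApiKey` tables, the header form `Authorization: ApiKey <username>:<key>` follows tastypie's documented convention but the parser here is an assumption (header only, no query-string variant), and `handle` is a toy dispatcher so the behaviour can be checked without a server.

```python
import hashlib
import secrets
from dataclasses import dataclass


# Added example, not tastypie's or Django's code. Users, keys and records are
# constructed in-memory stand-ins for Django tables.
@dataclass(frozen=True)
class User:
    username: str
    is_active: bool = True


@dataclass
class Note:
    id: int
    owner: str   # username of the owning User
    text: str


class ApiKeyStore:
    """Issues random keys and stores only their SHA-256 hash, so a leaked table is not a leaked credential."""

    def __init__(self):
        self._by_hash = {}   # sha256(key) -> User

    def issue(self, user):
        key = secrets.token_hex(32)   # 256-bit random key, shown to the caller once
        self._by_hash[hashlib.sha256(key.encode()).hexdigest()] = user
        return key

    def user_for(self, username, key):
        user = self._by_hash.get(hashlib.sha256(key.encode()).hexdigest())
        # The key must exist, belong to the claimed username, and the account must still be active.
        if user is None or user.username != username or not user.is_active:
            return None
        return user


class ApiKeyAuthentication:
    """Parses 'Authorization: ApiKey <username>:<key>' (assumed header-only form) and sets request['user']."""

    def __init__(self, store):
        self.store = store

    def is_authenticated(self, request):
        header = request.get("headers", {}).get("Authorization", "")
        scheme, _, credential = header.partition(" ")
        if scheme != "ApiKey" or ":" not in credential:
            return False
        username, _, key = credential.partition(":")
        user = self.store.user_for(username, key)
        if user is None:
            return False
        request["user"] = user   # the request now acts as the key's owner
        return True


class OwnerAuthorization:
    """Row-level narrowing: the role apply_authorization_limits plays in the reply above."""

    def apply_limits(self, request, object_list):
        return [o for o in object_list if o.owner == request["user"].username]


def handle(request, notes, auth, authz):
    """Toy dispatcher returning (status, body); every code path below only sees the narrowed list."""
    if not auth.is_authenticated(request):
        return 401, {"error": "unauthorized"}
    visible = authz.apply_limits(request, notes)
    if request["method"] == "GET":
        return 200, [{"id": n.id, "text": n.text} for n in visible]
    if request["method"] == "PUT":
        target = next((n for n in visible if n.id == request["path_id"]), None)
        if target is None:
            return 404, {"error": "not found"}   # 404 rather than 403: do not confirm another user's row exists
        target.text = request["body"]["text"]
        return 200, {"id": target.id, "text": target.text}
    return 405, {"error": "method not allowed"}


# --- constructed sample data ---
store = ApiKeyStore()
alice, bob = User("alice"), User("bob")
ALICE_KEY, BOB_KEY = store.issue(alice), store.issue(bob)
NOTES = [Note(1, "alice", "alice's note"), Note(2, "bob", "bob's note")]
AUTH, AUTHZ = ApiKeyAuthentication(store), OwnerAuthorization()


def request(method, auth_header=None, path_id=None, body=None):
    r = {"method": method, "headers": {}, "path_id": path_id, "body": body}
    if auth_header:
        r["headers"]["Authorization"] = auth_header
    return r


def demo():
    return {
        "alice_list": handle(request("GET", f"ApiKey alice:{ALICE_KEY}"), NOTES, AUTH, AUTHZ),
        "no_key": handle(request("GET"), NOTES, AUTH, AUTHZ),
        "wrong_owner": handle(request("GET", f"ApiKey bob:{ALICE_KEY}"), NOTES, AUTH, AUTHZ),
        "bob_edits_alice": handle(request("PUT", f"ApiKey bob:{BOB_KEY}", 1, {"text": "pwned"}), NOTES, AUTH, AUTHZ),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The point of filtering before dispatch rather than checking ownership inside each handler is that a forgotten check in a new endpoint fails closed: a write to a row the user does not own is indistinguishable from a write to a row that does not exist, and the attempt never reaches the data.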



