It has been almost 4 years since I launched my SaaS business in Django, while fancier Python frameworks have been released since then, Django still remains king of the Python web framework. Thanks to an ever-growing ecosystem of packages and their outstanding stability. Only the most useful and stable packages have made the cut, links to the official package source is included in the title itself. ...
After working with Django for more than 4 years both professionally and personally, I have learned a lot of tips and tricks that I wish I knew when I started. In this article I will share some of the most important ones that I have learned over the years. Since Django documentation is very good, I will not share many code snippets, but rather explain the concepts and provide links to the official documentation. All of these tips and tricks came from my own experience, the Django documentation, and Two Scoops of Django book. ...
The Django admin interface is one of the standout features that make Django such a powerful framework. It allows you to manage your data, customers, and models with ease. However, as with any tool that provides significant control over your application’s data, there’s a need to ensure that sensitive actions like deletions are handled carefully. ...
Flutter and Django are two powerful frameworks that can be used to build web applications. However, when you try to make a request from a Flutter web app to a Django backend, you might run into a CORS (Cross-Origin Resource Sharing) issue. In this article, I will explain what is CORS and how to fix it when using Flutter for the web and Django. ...
App Plateform use case For the past 5 years I have been a fan of Digital Ocean, it is decently priced and offers everything I need to host my professional and personal projects. While I have been using their droplets for a long time, I partially switch to their App Plateform 2 years ago and I have been loving it so far. ...
Lists or arrays are commonly used data types in programming. However, Django does not have a built-in field for storing lists in models. In a recent project, I needed to store a list of strings in a model, and I had to find an elegant and efficient way to store the list in the database. ...
HTMX took the developer community by surprise, and rightfully so. It offered an alternative to using JavaScript and bloated SPAs for web apps for those did not want to dive into the complexity of frontend frameworks and JavaScript. Four years ago, when I first started building my Saas startup with Django, the recommendation was to build an API with DRF or FastAPI and use a frontend framework such as React or Vue.js. I tried them both, and while I really liked the latter, the disadvantages became more apparent as the project grew. ...
As of 0.56.0 release of django-allauth (2023-09-07) the support for Multi-Factor Authentication (MFA) has been added. This is great news for the Django developer as it allows to easily add MFA to your applications, but the documentation is still a bit sparse, and it appears that the feature is not widely known yet. ...
Django is by design very secure, most of the commons vulnerabilies such as XSS, CSRF, SQL injection, clickjacking are fixed by the simple use of the framework, but there is one that is not fixed by default, and it is the Idor vulnerability. In this article we will see what it is and how to fix it. ...
When working with Flutter and Django you will often need to test your app with a local server before shipping it to production, this seems like a simple task but it can be tricky to make it work with simulators. In this article, I will show you how to use your Django local server for Flutter and how to make it work with simulators in IOS and Android. ...
When you use Django Rest Framework, one of the great features that make DRF so powerful is the Browsable API. It allows you to navigate through your API and test it directly from your browser with a powerful form, queryset filter and much more. Even better, when enabled, you can use Django Debug Toolbar to optimize your API and see how many queries are generated like you would do with a normal Django view. ...
When working with Django for my startup I performed in several occasions very complex migrations and maintenance tasks that required the site not to be accessible for a few minutes and sometimes even hours. Even if the end user is not able to access the site, our team of superusers and admins should be able to access the site and perform the maintenance tasks. ...
One of the most loved features of Django is the built-in administration interface. It allows for an easy way to manage your data and is highly customizable. However, it is also a very common target for attackers. In this article, we will look at some of the most common attacks against the Django administration interface and how to protect against them. ...
When working with Django and third party libraries, you may encounter a CSRF error on login or any other form submission. This is because Django requires a CSRF token to be sent with every form submission except GET requests or if the form has the csrf_exempt decorator. During my work with Django, I have encountered this error many times, sometimes due to my own mistakes and sometimes due to third party libraries or user behavior. ...
Introduction Django is a powerful and widely-used web development framework for building secure and robust websites and web applications. However, even with the best coding practices, security vulnerabilities can still creep in. DJ Checkup offers a user-friendly security analysis tool that runs a series of checks on your Django site. Getting Started Securing your Django site is now easier than ever with DJ Checkup. Just submit the URL of your Django site in the input field and the tool will handle the rest. ...
Django 4.2 has been released with a host of new features and fixes, including support for Psycopg3, a new way to create users with a ModelForm of the User model, and a new option to merge model changes into the latest migration. Here’s an overview of the most notable changes in Django 4.2: ...