Django: Beyond Basics

Published in: Technology

  1. Django Beyond Basics
  2. Who is this for?
  3. NOOB GOOD CHUCK NORRIS What I thought…
  4. NOOB GOOD CHUCK NORRIS It is more like… DESIGNER BIG PICTURE GUY OPERATIONS ADMIN RAILS GUY
  5. @arocks arunrocks.com Hi!
  6. Disclaimer: This presentation does not aim to be a comprehensive overview of any part of Django. There are several tutorials covering various aspects of the framework. Instead, this talk is part experience sharing, part advocacy and part entertainment.
  7. What is Django?
  8. It is just a framework!
  9. Definitely not a CMS!
  10. Get the BIG picture
  11. The BIG picture slide. Thanks to Karen Rustad & Asheesh Laroia
  12. Also starring…
      • Lightweight, standalone web server for dev
      • Form serialization and validation system
      • Flexible caching framework
      • Support for middleware classes at various levels
      • Internationalization system
      • Unit test framework
  13. Why is Django Awesome?
  14. List of awesome-ness
      • Admin
      • Security
      • Great documentation
      • Friendly community
      • Stable
      • Batteries included
      • Open Source!
  15. Coming from PHP/ASP background
  16. Coming from PHP/ASP background
      Step 1: Forget everything, esp. how easy life was…
      Step 2: Think architecture first
      Step 3: Think about Separation of Concerns
      Step 4: ???
      Step 5: Profit!!!
  17. 101 bad excuses not to use Django
  18. But Django is too heavy!
  19. Flask

      ```python
      from flask import Flask

      app = Flask(__name__)


      @app.route('/')
      def hello_world():
          return 'Hello World!'


      if __name__ == '__main__':
          app.run()
      ```

      Django example is one file & almost the same size!

      Django

      ```python
      # pico.py: settings, view and URLconf in a single module
      from django.http import HttpResponse
      # Older Django import path (removed in Django 1.6)
      from django.conf.urls.defaults import patterns

      DEBUG = True  # development only; slide 43 says to turn this off
      ROOT_URLCONF = 'pico'
      DATABASES = {'default': {}}
      SECRET_KEY = '0123456789' * 50  # demo value, not a real secret


      def index(request):
          return HttpResponse('Hello World!')


      urlpatterns = patterns('', (r'^$', index))
      ```

      ```
      $ PYTHONPATH=. django-admin.py runserver 0.0.0.0:8000 --settings=pico
      ```
  20. No, it is batteries included! (+ cool downloadable apps)
  21. But Django is too ugly!
  22. Why use: “example.com/product/[0-9]+”? Isn’t this much cooler: “example.com/product/{id}”? SQL Injection!
  23. example.com/product/1 or 1=1 will become: SELECT * FROM Products WHERE ID = 1 OR 1=1
  24. Even Django will not always save you: “example.com/product/(.+)” Avoid!
  25. Be as strict as possible: “example.com/product/[0-9]+”
  26. Looks prettier now, huh?
  27. Why not Django?
      • Unusually high performance needs
      • Existing Database models?
      • Migrations?
      • ORM/Template is not enough
      In other words, you want to replace all of Django’s components. Which you would eventually?!
  28. Best Practices
      • Distrust outside data. Sanitize everything!
      • Don’t leak implementation details.
      • Fatter Models/Managers and Leaner Views
      • Follow PEP8 and readable names
      • Be as DRY as possible.
      • Break down into reusable Apps
  29. novice questions: What is a QuerySet? Why is media separate? Which IDE? How to deploy?
  30. Must-learn Python Packages
  31. Must-learn Python Packages
      • Pip – Don’t start without this!
      • iPython/BPython – Better than vanilla console
      • Pudb – Best debugger
      • Fabric – Easy deployment
  32. But what goes well with Django?
  33. Must-learn Django Packages
  34. Must-learn Django Packages
      • Django-debug-toolbar – Only in DEV!
      • Django_compressor – Not just compression
      • Django-extensions – Tons of goodies
      • South – Getting integrated?
      • Celery – Delayed Gratification
      • Tastypie* – Build yummy APIs
      * Or anything that suits you
  35. Other cool Django Packages
      • Django socialauth: One app to most Social logins
      • Django Paypal: PayPal Payments Standard & Pro
      • crispy-forms: Nice HTML for forms
      • django-taggit: Implement tags easily
      • Psycopg2: Talk to PostgreSQL, a solid database
      • django-storages: Store anywhere - Cloud, DB or FTP
  36. My Django Workflow
  37. A simplistic Django workflow…
      1) Create a new Django project
      2) Find a 3rd party app or create an app
      3) Write/Improve models.py
      4) Play with queries on console. Run syncdb.
      5) Add a bare admin.py
      6) Add data from admin UI
      7) Write views.py. Leverage CBVs
      8) If needed, add a model form to forms.py
      9) Add views to urls.py
      10) Jump to step 3 till app looks good
      11) Jump to step 2
      For examples, head to arunrocks.com
  38. A better Django workflow…
      1) Create a new Django project
      2) Find a 3rd party app or create an app
      3) Write/Improve models.py
      4) Play with queries on console. Repeat step 3
      5) Add a bare admin.py
      6) Add data from admin UI
      7) Write views.py. Leverage CBVs
      8) If needed, add a model form to forms.py
      9) Add views to urls.py
      10) Jump to step 3 till app looks good
      Make friends with Git, South, Fabric…
      $ ./manage.py schemamigration app --initial
      $ ./manage.py migrate app
      $ ./manage.py schemamigration app --auto
      $ git init
      Write tests.py
      Fabric/Puppet/Chef
  39. Forms are easy!
  40. Forms are easy!
      • Use forms as much as possible (Hint: security)
      • ModelForms cover most use cases
      • But select which fields show in ModelForms
      • Hard set all defaults before form.save
      • FormView is a great generic view for forms
      • Using bootstrap? Use crispy-forms to save time
  41. Should I use CBVs?
  42. Ok, I made a Django site. Now what?
  43. Ok, I made a Django site. Now what?
      • Turn off DEBUG
      • Use HTTPS logins
      • Set X-Frame-Options header
      • Use SESSION_COOKIE_SECURE
      • Change /admin/ url
      Or easier, go to http://ponycheckup.com/
  44. @arocks
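
Slides 22 to 25 as a runnable sketch (an added example, not code from the talk). It assumes a view that pastes the captured URL segment into a SQL string, which the slides imply but do not show, and sets it beside a bound parameter. The `dispatch` helper and the sample rows are constructed for illustration, and `sqlite3` stands in for the real database.

```python
import re
import sqlite3

# Constructed sample data; table and column names follow slide 23.
db = sqlite3.connect(":memory:")
db.execute("CREATE TABLE Products (ID INTEGER PRIMARY KEY, Name TEXT)")
db.executemany("INSERT INTO Products VALUES (?, ?)",
               [(1, "anvil"), (2, "rocket"), (3, "magnet")])

LOOSE = re.compile(r"product/(?P<id>.+)")        # slide 24: avoid
STRICT = re.compile(r"product/(?P<id>[0-9]+)")   # slide 25: as strict as possible


def lookup_concat(raw_id):
    """Vulnerable view: the captured text becomes part of the SQL statement."""
    sql = "SELECT * FROM Products WHERE ID = " + raw_id
    return db.execute(sql).fetchall()


def lookup_param(raw_id):
    """Hardened view: the captured text is bound as a value, never parsed as SQL."""
    return db.execute("SELECT * FROM Products WHERE ID = ?", (raw_id,)).fetchall()


def dispatch(pattern, path, view):
    """Hypothetical stand-in for URL routing; None plays the role of a 404."""
    match = pattern.fullmatch(path)
    return view(match.group("id")) if match else None


if __name__ == "__main__":
    path = "product/1 or 1=1"  # the request from slide 23
    # Loose route + concatenation: the WHERE clause is always true.
    print(dispatch(LOOSE, path, lookup_concat))
    # Strict route: the request never reaches the view.
    print(dispatch(STRICT, path, lookup_concat))
    # Loose route + bound parameter: the whole string is compared as one value.
    print(dispatch(LOOSE, path, lookup_param))
    # Legitimate request through the strict route and the bound parameter.
    print(dispatch(STRICT, "product/2", lookup_param))
```

The strict pattern narrows what reaches the view, but the bound parameter is what keeps the query safe when a pattern is looser than intended.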