Django: Beyond Basics

  • 925 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
925
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
22
Comments
0
Likes
3

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Django Beyond Basics
  • 2. Who is this for?
  • 3. NOOB GOOD CHUCKNORRIS What I thought… 
  • 4. NOOB GOOD CHUCKNORRIS It is more like… DESIGNER BIG PICTUREGUY OPERATIONS ADMIN RAILS GUY
  • 5. @arocks arunrocks.com Hi!
  • 6. Disclaimer This presentationdoesnot aim tobe a comprehensiveoverviewof any part of Django. Thereare severaltutorialscoveringvarious aspectsof theframework. Insteadthisis talkis part experiencesharing,part advocacyand part entertainment.
  • 7. What is Django?
  • 8. It is just a framework!
  • 9. Definitely not a CMS!
  • 10. Get the BIG picture
  • 11. The BIG picture slide Thanks to Karen Rustad& Asheesh Laroia
  • 12. Also starring… • Lightweight,standaloneweb serverfor dev • Formserializationand validationsystem • Flexiblecachingframework • Supportfor middlewareclasses atvariouslevels • Internationalizationsystem • Unit testframework
  • 13. Why is Django Awesome?
  • 14. List of awesome-ness • Admin • Security • Greatdocumentation • Friendlycommunity • Stable • Batteriesincluded • OpenSource!
  • 15. Comingfrom PHP/ASP background
  • 16. Coming from PHP/ASPbackground Step 1: ForgetEverything,esphow easylife was… Step 2:Thinkarchitecturefirst Step3:ThinkaboutSeparationof Concerns Step 4:??? Step 5: Profit!!!
  • 17. 101bad excuses not touse Django
  • 18. But Django is too heavy!
  • 19. Flask from flask import Flask app = Flask(__name__) @app.route('/') def hello_world(): return 'Hello World!' if __name__ == '__main__': app.run() Djangoexampleis onefile& almostthesame size! Django from django.http import HttpResponse from django.conf.urls.defaults import patterns DEBUG=True ROOT_URLCONF = 'pico' DATABASES = { 'default': {} } SECRET_KEY = '0123456789‘ * 50 def index(request): return HttpResponse('Hello World!') urlpatterns = patterns('', (r'^$', index)) $ PYTHONPATH=. django-admin.py runserver 0.0.0.0:8000 --settings=pico
  • 20. No, It is batteries included! (+ cool downloadable apps)
  • 21. But Django is too ugly!
  • 22. Why use: “example.com/product/[0-9]+” ? Isn’t this is much cooler: “example.com/product/{id}” ?  SQL Injection!
  • 23. example.com/product/1 or 1=1 will become: SELECT * FROM Products WHERE ID = 1 OR 1=1
  • 24. EvenDjango will not always save you: “example.com/product/(.+)” Avoid!
  • 25. Be as strict as possible: “example.com/product/[0-9]+”
  • 26. Looksprettier now, huh?
  • 27. Why not Django? • Unusually highperformanceneeds • ExistingDatabase models? • Migrations? • ORM/Templateisnot enough Inotherwords,youwantto replaceall of Django’s components.Whichyou would eventually?!
  • 28. Best Practices • Distrust outsidedata. Sanitizeeverything! • Don’tleakimplementationdetails. • FatterModels/Managersand LeanerViews • FollowPEP8and readable names • Be asDRY as possible. • Breakdown intoreusable Apps
  • 29. novice questions What is a QuerySet? Why is media separate? Which IDE? How to deploy?
  • 30. Must-learn Python Packages
  • 31. Must-learn Python Packages • Pip – Don’tstart withoutthis! • iPython/BPython– Betterthanvanillaconsole • Pudb– Bestdebugger • Fabric– Easydeployment
  • 32. But what goes well with Django?
  • 33. Must-learn Django Packages
  • 34. Must-learn Django Packages • Django-debug-toolbar– Only inDEV! • Django_compressor– Notjust compression • Django-extensions– Tonsof goodies • South– Gettingintegrated? • Celery– DelayedGratification • Tastypie*–Build yummy APIs * Or anything that suits you
  • 35. Other cool Django Packages • Djangosocialauth:One app to most Social logins • DjangoPaypal:PayPal Payments Standard & Pro • crispy-forms:NiceHTML for forms • django-taggit:Implement tags easily • Psycopg2: Talk to PostgreSQL, a solid database • django-storages:Store anywhere - Cloud, DB or FTP
  • 36. My Django Workflow
  • 37. 1) Create a new Django project 2) Find a3rd party app or create anapp 3) Write/Improve models.py 4) Play with queries onconsole. Run syncdb. 5) Add abare admin.py 6) Add data from admin UI 7) Write views.py. Leverage CBVs 8) If needed, adda model form to forms.py 9) Add views to urls.py 10) Jump to step 3till app looks good 11) jump to step 2 For examples, head to arunrocks.com A simplistic Django workflow…
  • 38. 1) Create a new Django project 2) Find a3rd party app or create an app 3) Write/Improve models.py 4) Play with queries onconsole. Repeat step 3 5) Add abare admin.py 6) Add data from admin UI 7) Write views.py. Leverage CBVs 8) If needed, adda model form to forms.py 9) Add views to urls.py 10) Jump to step 3till app looks good Make friends with Git, South, Fabric… A better Django workflow… $ ./manage.py schemamigration app --initial $ ./manage.py migrate app $ ./manage.py schemamigration app --auto $ git init Write tests.py Fabric/Puppet/Chef
  • 39. Forms are easy!
  • 40. Forms are easy! • Use formsas much as possible(Hint:security) • ModelFormscovermost uses case • Butselect whichfields showin ModelForms • Hard set all defaults beforeform.save • FormViewis a greatgenericviewfor forms • Usingbootstrap?Use crispy-formsto savetime
  • 41. Should I use CBVs?
  • 42. Ok, I made a Django site. Now what?
  • 43. Ok, I made a Django site. Now what? • Turn off DEBUG • Use HTTPS logins • Set X-Frame- Optionsheader • Use SESSION_COOKIE_ SECURE • Change /admin/ url Oreasier,go to http://ponycheckup.com/
  • 44. @arocks