Python Web Development with Sanic

By: Adam Hopkins

Overview of this book

Today’s developers need something more powerful and customizable when it comes to web app development. They require effective tools to build something unique to meet their specific needs, and not simply glue a bunch of things together built by others. This is where Sanic comes into the picture. Built to be unopinionated and scalable, Sanic is a next-generation Python framework and server tuned for high performance. This Sanic guide starts by helping you understand Sanic’s purpose, significance, and use cases. You’ll learn how to spot different issues when building web applications, and how to choose, create, and adapt the right solution to meet your requirements. As you progress, you’ll understand how to use listeners, middleware, and background tasks to customize your application. The book will also take you through real-world examples, so you will walk away with practical knowledge and not just code snippets. By the end of this web development book, you’ll have gained the knowledge you need to design, build, and deploy high-performance, scalable, and maintainable web applications with the Sanic framework.
Table of Contents (16 chapters)
Part 1: Getting Started with Sanic
Part 2: Hands-On Sanic
Part 3: Putting It All together


This chapter has covered a lot of material. Still, it has only scratched the surface of web security. To truly raise the security bar, you should continue to do some research. There are some other common headers such as Content-Security-Policy, X-Content-Type-Options, and X-Frame-Options that we did not have a chance to cover. Nonetheless, with the information you have gathered here, and with your own ingenuity, you should be able to implement, for example, a Content-Security-Policy header that works for your application. The first place I look for this kind of material is Mozilla's MDN website: I highly recommend that you visit it to learn about web standards and practices.

So, what did we cover?

You should now be familiar with the concept of same-origin and how to develop a CORS policy to defeat both CSRF and XSS attacks. We also looked at three common schemes for authenticating users: API keys, session tokens, and JWT. And...