Book Image

Django Design Patterns and Best Practices

By : Arun Ravindran
Book Image

Django Design Patterns and Best Practices

By: Arun Ravindran

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Django Design Patterns and Best Practices
Arun Ravindran
Mar, 2015 | 222 pages
No titles found
Table of Contents (19 chapters)
Django Design Patterns and Best Practices
Django Design Patterns and Best Practices
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Django and Patterns
Django and Patterns
Why Django?
The story of Django
What is a Pattern?
Patterns in this book
Best practices
Summary
2
Application Design
Application Design
How to gather requirements
Are you a story teller?
HTML mockups
Designing the application
Before starting the project
SuperBook – your mission, should you choose to accept it
Summary
3
Models
Models
M is bigger than V and C
The model hunt
Structural patterns
Retrieval patterns
Migrations
Summary
4
Views and URLs
Views and URLs
A view from the top
Class-based generic views
View mixins
Decorators
View patterns
Designing URLs
Summary
5
Templates
Templates
Understanding Django's template language features
Organizing templates
Using Bootstrap
Template patterns
Summary
6
Admin Interface
Admin Interface
Using the admin interface
Enhancing models for the admin
Admin interface customizations
Protecting the admin
Summary
7
Forms
Forms
How forms work
Displaying forms
Understanding CSRF
Form processing with Class-based views
Form patterns
Summary
8
Dealing with Legacy Code
Dealing with Legacy Code
Finding the Django version
Where are the files? This is not PHP
Starting with urls.py
Jumping around the code
Understanding the code base
Incremental change or a full rewrite?
Write tests before making any changes
Legacy databases
Summary
9
Testing and Debugging
Testing and Debugging
Why write tests?
Test-driven development
Writing a test case
Mocking
Pattern – test fixtures and factories
Learning more about testing
Debugging
The print function
Logging
The Django Debug Toolbar
The Python debugger pdb
Other debuggers
Debugging Django templates
Summary
10
Security
Security
Cross-site scripting (XSS)
A handy security checklist
Summary
11
Production-ready
Production-ready
Production environment
Hosting
Deployment tools
Monitoring
Performance
Summary
Python 2 versus Python 3
Python 2 versus Python 3
But I still use Python 2.7!
Python 3
Further information
Index
Index

Protecting the admin

The admin interface of your site gives access to almost every piece of data stored. So, don't leave the metaphorical gate lightly guarded. In fact, one of the only telltale signs that someone runs Django is that, when you navigate to http://example.com/admin/, you will be greeted by the blue login screen.

In production, it is recommended that you change this location to something less obvious. It is as simple as changing this line in your root urls.py:

    url(r'^secretarea/', include(admin.site.urls)),

A slightly more sophisticated approach is to use a dummy admin site at the default location or a honeypot (see the django-admin-honeypot package). However, the best option is to use HTTPS for your admin area since normal HTTP will send all the data in plaintext over the network.

Check your web server documentation on how to set up HTTPS for admin requests. On Nginx, it is quite easy to set this up and involves specifying the SSL certificate locations. Finally, redirect all...

Previous Section
End of Section 5
Next Section