Book Image

Django Design Patterns and Best Practices - Second Edition

By : Arun Ravindran
Book Image

Django Design Patterns and Best Practices - Second Edition

By: Arun Ravindran

Overview of this book

Building secure and maintainable web applications requires comprehensive knowledge. The second edition of this book not only sheds light on Django, but also encapsulates years of experience in the form of design patterns and best practices. Rather than sticking to GoF design patterns, the book looks at higher-level patterns. Using the latest version of Django and Python, you’ll learn about Channels and asyncio while building a solid conceptual background. The book compares design choices to help you make everyday decisions faster in a rapidly changing environment. You’ll first learn about various architectural patterns, many of which are used to build Django. You’ll start with building a fun superhero project by gathering the requirements, creating mockups, and setting up the project. Through project-guided examples, you’ll explore the Model, View, templates, workflows, and code reusability techniques. In addition to this, you’ll learn practical Python coding techniques in Django that’ll enable you to tackle problems related to complex topics such as legacy coding, data modeling, and code reusability. You’ll discover API design principles and best practices, and understand the need for asynchronous workflows. During this journey, you’ll study popular Python code testing techniques in Django, various web security threats and their countermeasures, and the monitoring and performance of your application.

Related Content you might be interested in

Current Title:

Small book image
Django Design Patterns and Best Practices - Second Edition
Arun Ravindran
May, 2018 | 282 pages
Small book image
Web Development with Django
Chris Guest | Saurabh Badhwar | Ben Shaw | Bharath Chandra K S
May, 2023 | 764 pages
Small book image
Building Django 2.0 Web Applications
Tom Aratyn
Apr, 2018 | 408 pages
Small book image
Becoming an Enterprise Django Developer
Michael Dinder
Jun, 2022 | 526 pages
Table of Contents (21 chapters)
Title Page
Title Page
Copyright and Credits
Copyright and Credits
PacktPub.com
PacktPub.com
Contributors
Contributors
Preface
Preface
Free Chapter
1
Django and Patterns
Django and Patterns
Why Django?
The story of Django
How does Django work?
What is a pattern?
Patterns in this book
Summary
2
Application Design
Application Design
How to gather requirements?
Are you a storyteller?
HTML mockups
Designing the application
Best practices before starting a project
SuperBook – your mission, should you choose to accept it
Summary
3
Models
Models
M is bigger than V and C
The model hunt
Structural patterns
Retrieval patterns
Migrations
Summary
4
Views and URLs
Views and URLs
A view from the top
Class-based generic views
View mixins
Decorators
View patterns
Designing URLs
React.js, Vue.js, and other view replacements
Summary
5
Templates
Templates
Understanding Django's template language features
Jinja2
Organizing templates
How templates work
Using Bootstrap
Template patterns
Summary
6
Admin Interface
Admin Interface
Using the admin interface
Enhancing models for the admin
Admin interface customizations
Protecting the admin
Summary
7
Forms
Forms
How forms work
Displaying forms
Understanding CSRF
Form processing with class-based views
Form patterns
Summary
8
Working Asynchronously
Working Asynchronously
Why asynchronous?
Asynchronous patterns
Asynchronous solutions for Django
Summary
9
Creating APIs
Creating APIs
RESTful API
Django Rest framework
API patterns
Summary
10
Dealing with Legacy Code
Dealing with Legacy Code
Finding the Django Version
Where are the files? This is not PHP
Starting with urls.py
Jumping around the code
Understanding the code base
Incremental change or a full rewrite?
Writing tests before making any changes
Legacy database integration
Future proofing
Summary
11
Testing and Debugging
Testing and Debugging
Why write tests?
TDD
Writing a test case
Mocking
Pattern – Test fixtures and factories
Learning more about testing
Debugging
The print function
Logging
The Django Debug Toolbar
The Python debugger pdb
Other debuggers
Debugging Django templates
Summary
12
Security
Security
Cross-site scripting
Cross-site request forgery
SQL injection
Clickjacking
Shell injection
A handy security checklist
Summary
13
Production-Ready
Production-Ready
The production environment
Virtual machines or Docker
Hosting
Deployment tools
Monitoring
Improving Performance
Summary
Python 2 Versus Python 3
Python 2 Versus Python 3
Python 3
Further information
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

Clickjacking

Clickjacking is a means of misleading a user to click on a hidden link or button in the browser when they were intending to click on something else.

This is typically implemented using an invisible IFRAME that contains the target website over a dummy web page (shown here) that the user is likely to click on:

Since the action button in the invisible frame would be aligned exactly above the button in the dummy page, the user's click will perform an action on the target website instead.

How Django helps

Django protects your site from clickjacking using middleware that can be fine-tuned using several decorators. By default, this django.middleware.clickjacking.XFrameOptionsMiddleware middleware will be included in your MIDDLEWARE_CLASSES within your settings file. It works by setting the X-Frame-Options header to SAMEORIGIN for every outgoing HttpResponse.

Most modern browsers recognize the header, which means that this page should not be inside a frame in other domains. The protection...

Previous Section
End of Section 5
Next Section