Django community: Community blog posts RSS
This page, updated regularly, aggregates Community blog posts from the Django community.
-
Volunteer Responsibility Amnesty Day
Tomorrow is Volunteer Responsibility Amnesty Day, a day to reflect on your responsibilities as a volunteer and, if any of them are too burdensome, set them down. I’m observing it this year; here’s how and why. -
Authenticating users in Graphql with Django session authentication
We know that in JavaScript, cookies can travel over AJAX requests as long as the request comes from the same origin, and goes to the same origin. In other words, an AJAX request from https://www.pluto.com/ to https://www.pluto.com/api/ carries any cookie currently set in the browser, by sending them in a Cookie header. What this means in a Django project for example is that if a user is authenticated, and a template happens to make an AJAX request to the same backend, authentication credentials are transmitted by default. In Django, the authentication cookie stored in the browser is called sessionid by default. In fact, by examining the headers of a WSGIRequest or ASGIRequest for an authenticated user in Django, we should be able to see something along these lines: { 'Cookie': 'sessionid=g9eflhxbeih1lgmslnybt5dn21zgk28t'; csrftoken=D3DtmfPKxriKMoy70eYikf8pUEVMTy3bDTczk8Ni0BNFVArAWg9oGat5V8PfKQW1 } Such a request means that the user issuing the request is indeed authenticated. Here's the crazy idea: if you use GraphQL under Django session auth umbrella, you can use validate the sessionid cookie in the resolver itself. Here's how. Validating sessionid in a GraphQL resolver Consider the following Ariadne GraphQL resolver: @mutation.field("replyUpdate") def reply_update(_obj: Any, info: GraphQLResolveInfo, reply): """Resolver for reply update.""" request: ASGIRequest = info.context["request"] # … -
My site's now NextJS - And I (almost) regret it already
My personal blog was a regular Django website with jQuery (later switched to Cash) for dynamic bits. In December 2021 I rewrote it in NextJS. It was a fun journey and NextJS is great but it's really not without some regrets. Some flashpoints for note and comparison: React SSR is awesome The way infinitely nested comments are rendered is isomorphic now. Before I had to code it once as a Jinja2 template thing and once as a Cash (a fork of jQuery) thing. That's the nice and the promise of JavaScript React and server-side rendering. JS bloat The total JS payload is now ~111KB in 16 files. It used to be ~36KB in 7 files. :( Before After Data still comes from Django Like any website, the web pages are made up from A) getting the raw data from a database, B) rendering that data in HTML. I didn't want to rewrite all the database queries in Node (inside getServerSideProps). What I did was I moved all the data gathering Django code and put them under a /api/v1/ prefix publishing simple JSON blobs. Then this is exposed on 127.0.0.1:3000 which the Node server fetches. And I wired up that that … -
My site's now NextJS - And I (almost) regret it already
My personal blog was a regular Django website with jQuery (later switched to Cash) for dynamic bits. In December 2021 I rewrote it in NextJS. It was a fun journey and NextJS is great but it's really not without some regrets. Some flashpoints for note and comparison: React SSR is awesome The way infinitely nested comments are rendered is isomorphic now. Before I had to code it once as a Jinja2 template thing and once as a Cash (a fork of jQuery) thing. That's the nice and the promise of JavaScript React and server-side rendering. JS bloat The total JS payload is now ~111KB in 16 files. It used to be ~36KB in 7 files. :( Before After Data still comes from Django Like any website, the web pages are made up from A) getting the raw data from a database, B) rendering that data in HTML. I didn't want to rewrite all the database queries in Node (inside getServerSideProps). What I did was I moved all the data gathering Django code and put them under a /api/v1/ prefix publishing simple JSON blobs. Then this is exposed on 127.0.0.1:3000 which the Node server fetches. And I wired up that that … -
Django News - Django REST Framework 3.13 released! - Dec 17th 2021
News Django REST Framework 3.13 released The newest major release of Django REST Framework is out! It includes Django 4.0 compatibility and a host of new features. django-rest-framework.org Python Software Foundation News: PyPI User Feedback Summary The PSF conducted a series of three surveys to identify key user requirements that have not been addressed so far. This post summarizes the feedback received and decisions made as a result. blogspot.com Standalone CLI: Use Tailwind CSS without Node.js Tailwind CSS CLI gives you the full power of Tailwind ÇSS in a self-contained executable without no Node.js or npm required. tailwindcss.com Sponsored Link Error monitoring for Django Developers. Track and debug exceptions in record time so you can get back to doing what you love. honeybadger.io Articles Anti-Patterns When Building Container Images A list of recurring Docker anti-patterns and suggestions to avoid them or refactor them into something better. github.io The definitive guide to modeling polymorphism in Django Polymorphism allows you to use one type of object to work with multiple kinds of data. There are multiple ways to model polymorphism in Django as demonstrated in this article. confuzeus.com Why you should check-in your node dependencies by Jack Franklin From a member of … -
Introducing django-browser-reload: Automatically Reload Your Browser in Development
Hitting “refresh” to see your changes is an instinct many web developers develop. But it’s a small waste of time that adds up to many hours per year spent waiting. It’s a sub-optimal development experience (DX). Django’s development server reloads itself when you change code, but it does not tell the browser to reload. And it does not do anything when a template or static asset changes. Framework-Agnostic Tools There various framework-agnostic tools out there to address these shortcomings, but I’ve often found they have shortcomings. For a start, they’re an extra thing to install, normally in a different language, requiring e.g. Node.js to be set up. And they normally wrap the server, so you have to run both the tool and Django’s runserver. Perhaps the biggest potential drawback of such reloaders is that they watch project files a second time, whilst Django is already watching them. This can take a lot of CPU if done without OS-specific API’s (Django can do that with Watchman, which you should definitely set up). django-browser-reload Whilst I’m working on my upcoming Django DX book, I have thought about this problem on-and-off. I came up with an idea for a browser reloader that could … -
Listen Notes - Wenbin Fant (Ep 41 Replay)
Weekly DjangoChat NewsletterListen NotesThe Boring Tech Behind a One-Person Internet CompanySearch From the Ground Up @DjangoCon US 2019Django Search Tutorial -
Work Sample Tests: ‘Reverse’ Code Review
For most software engineering roles, the best work sample test will be some combination of the exercises I covered earlier in this series. But not every role; there are some circumstances where other types of tests fit better or are better at revealing some critical piece of information relevant to hiring. This post covers one of them: a “reverse” code review, where instead of you reviewing the candidate’s code, you have them review yours. -
Serving a Machine Learning Model with FastAPI and Streamlit
This tutorial looks at how to serve up a style transfer machine learning model with FastAPI and Streamlit. -
Django News - Django 4.0 Released! - Dec 10th 2021
News Django 4.0 released Django 4.0 has been released! It features built-in Redis support, form rendering using the template engine, and many more features available on the release notes. djangoproject.com Django security releases issued: 3.2.10, 3.1.14, and 2.2.25 This release fixes a security issue around potential bypass of an upstream access control based on URL paths. As ever, updating to the latest version of Django is always highly recommended. djangoproject.com Python 3.10.1 is available Python 3.10.1 is the newest major release of the Python programming language, and it contains many new features and optimizations. blogspot.com A message from the PSF's outgoing Executive Director A note from Ewa Jodlowska, who has been part of the Python community for over a decade. blogspot.com 2022 DSF Board Election Results The voting results are released for the 2022 Django Software Foundation Board. It was great to see so many candidates since the DSF simply isn't possible without the help of all of our volunteers. djangoproject.com Tailwind CSS v3.0 For a tour of some of the new features, check out the “What’s new in Tailwind CSS v3.0” video. Check out the v2 to v3 upgrade guide. tailwindcss.com Events Free coding lessons for Django Girls alumni … -
Django-Tailwind with support for the latest Tailwind CSS v3 is out
Yesterday, as I was about to go to bed, I found out that Tailwind CSS 3.0 had been released. Knowing that a lot of Django people adore Tailwind CSS so much, I decided I couldn't sleep until I upgraded Django-Tailwind to support the latest version of the library. Long story … Read now -
Threat Modeling Jurassic Park with Python
How would John Hammond design the systems on Isla Nublar in 2021? Would he spare no expense to reduce risk of a disaster? We hope that his software engineers would employ the concept of threat modeling, one of the most important security skills in modern software development. Corey will give an overview of what threat modeling is, and how to use it to highlight security concerns early on in the SDLC. -
Django Stubs - Nikita Sobolev
Personal websitedjango-stubsmypysans-ioreturnsWhat Color is Your Function?DryLabsWe Make ServicesHow Async Should Have BeenSupport the ShowThis podcast does not have any ads or sponsors. To support the show, please consider visiting LearnDjango.com, Button, or Django News. -
Preorder My New Book: Boost Your Django DX
Developer Experience (DX) is a catch-all term for anything that can improve your development workflow. Such improvements can help you write better code, faster, with fewer bugs. During my years working with Django, I’ve picked up many tools and techniques to boost my “DX”. My upcoming book Boost Your Django DX covers as many of these as possible, so you can learn them too! The book is inspired by the Japanese concept of kaizen: constant improvement to a process. As such, it teaches you how to use these tools, extend them, and even how to write your own. This way you can constantly revise your development process. Content The book contains the following chapters: Origin Opening notes, a description of the included examples. Documentation Tools to get you to the right documentation, quicker. Covers DevDocs, DuckDuckGo, Bonus Django Documentation Sites, Wget, and some miscellaneous tips. Virtual Environments and Dependencies Manage environments, and the dependencies within, correctly and easily. Covers venv, virtualenv, pip-tools, pip-lock, recommended practices for dependency management, and Python’s development mode. Python Shell Enhance your Python command line experience. Covers IPython and django-read-only. Development Server Make Django’s runserver better. Covers Watchman, django-debug-toolbar, and Rich. Code Quality Tools The key … -
Work Sample Tests: Bring Your Own Code
If you’re hiring engineers, some candidates will already have code they can share: side projects, open source, and so on. It’s silly to ask those candidates to write new code just for your interview if they already have code they can share. So, if you’re asking candidates to code as a work sample test, you should also offer to let candidates submit something they’ve previously written. Here’s how. -
Django News - Django, HTMX and Alpine.js - Dec 3rd 2021
News Loren Crary has joined the PSF as its Director of Resource Development Financial sustainability is critical to the Python Software Foundation (PSF), and the entire Python ecosystem as Python grows in popularity. The PSF welcomes Loren Crary as our new Director of Resource Development! blogspot.com Sponsored Link Using Django with Pants Pants is a cutting-edge build system with strong support for Python. See how Pants can help streamline your Django-based projects, especially when you have multiple services in a single shared codebase. github.io Articles Using PostgreSQL Views in Django Views in PostgreSQL allow you to query against the results of another query. This article is a look at two different types of Postgres views and how to decide when and if you should use them in a Django app. pganalyze.com The Well Maintained Test An article on building out a tool to programmatically answer the 12 questions from Adam Johnson's blog post on deciding whether a new package is well-maintained. ryancheley.com Encrypted Data Archives With Django And Backblaze B2 Implementing a user data export feature to a Django project with Backblaze B2 cloud storage (similar to Amazon S3) which also supports server side encryption that allows your data to … -
Customer Requests - Building SaaS with Python and Django #121
In this episode, we started by trying to add django-auto-prefetch. Unfortunately, it didn’t work well for my app. I decided to stop trying to add that package and switched to working on a feature request of one of my customers. -
Reproducible Builds with Bazel
This article looks at how Bazel can be used to create reproducible, hermetic builds. -
Work Sample Tests: Pair Programming
Coding homework is my default work sample test: I use it for all engineering roles unless it’s obvious that another kind of exercise is better. There are good reasons to make homework-style work sample tests the default: they’re relatively easy to construct, they scale reasonably well to large hiring rounds, they’re accurate simulations of real work, and easier than most other kinds of tests to construct in a way that maximizes inclusivity. Here’s how to conduct a coding homework work sample test. -
Dynamic Secret Generation with Vault and Flask
In this tutorial, we'll look at a real-world example of using Hashicorp's Vault and Consul to create dynamic Postgres credentials for a Flask web app. -
Render Django Form with Tailwind CSS Style
-
Django News - Django 4.0 release candidate 1 released - Nov 24th 2021
Introduction Early release this week We're releasing the newsletter two days early this week. Back to the normal schedule next week. django-news.com News Django 4.0 release candidate 1 released Django 4.0 release candidate 1 is the final opportunity for you to try out the abundance of new features before Django 4.0 is released. djangoproject.com 2022 Django Software Foundation Board Nominations Anyone including current Board members, DSF Members, or the public at large can apply to the Board. It is open to all who wish to participate. Please fill out the application form by November 30th, 2021 AoE to be considered. Once we have our candidates we will open a week-long voting period. djangoproject.com 🎁 Django-related Deals for Black Friday and Cyber Monday Multiple deals on Django books and projects. adamj.eu GitHub Actions: setup-python now supports dependency caching You can now run workflows for Python projects faster on GitHub Actions by enabling dependency caching on the setup-python action for both pip and pipenv projects. github.blog Sponsored Link Using Django with Pants Pants is a cutting-edge build system with strong support for Python. See how Pants can help streamline your Django-based projects, especially when you have multiple services in a single shared … -
Optimizing Django Queries - Jamie Matthews
dabappsJamie on GitHub and TwitterUnpolydjango-readersdjango-zen-queriesdjango-rest-framework-serialization-specdjango-db-queuedjango-log-request-idDjango Views - The Right Way by Luke PlantDjango Vanilla Views by Tom ChristieBlack Friday Sale50% off the list price of the books Django for Beginners/APIs/Professionals by William Vincent, co-host of this podcast and current Django Software Foundation Board Member. Offer valid through Friday, November 26th, end of day. -
Work Sample Tests: Coding “Homework”
Coding homework is my default work sample test: I use it for all engineering roles unless it’s obvious that another kind of exercise is better. There are good reasons to make homework-style work sample tests the default: they’re relatively easy to construct, they scale reasonably well to large hiring rounds, they’re accurate simulations of real work, and easier than most other kinds of tests to construct in a way that maximizes inclusivity. Here’s how to conduct a coding homework work sample test. -
How Django Got Its Name
Pictured: From left to right, musicians Sebastian Peszko, Francisco Batista, and Filippo Dall'Asta in Berlin, Germany. In early November, my husband and I celebrated a friend’s birthday with dinner and a show. The birthday boy has eclectic tastes and it’s always a treat to be included in his plans. Little did I know, however, that our night out in Berlin, Germany, would be related to my day job with Caktus, which is of course, based in Durham, North Carolina ... As a side note, I’ve been working remotely from Berlin since August 2021. Our group showed up at 800A Bar & Cabaret a bit late, so the music had already started. Onstage were guitarists Filippo Dall'Asta and Francisco Batista, plus Sebastian Peszko on the viola. The music seemed familiar but I couldn’t quite place it until my husband realized it was similar to the original theme from the TV show “Monk”! The musicians were incredibly talented and we had a very enjoyable evening listening to them as well as the jam session later featuring various local artists. Though I was unfamiliar with this style of music, I was familiar with the name Django Reinhardt as I had read a little …