The document discusses Django, a Python web framework. It began as an internal project at a newspaper to help journalists meet deadlines. Django encourages rapid development, clean design and is database and platform neutral. It features an object relational mapper, automatic admin interface, elegant URLs and templates. Django uses a model-template-view architecture. It provides tools like manage.py to help with development.
Scanning the Internet for External Cloud Exposures via SSL Certs
Introduction to Django
1. The web framework for perfectionists with deadlines
James Casey
2nd October 2009
2. What’s Django?
“Django is a high-level Python Web framework that
encourages rapid development and clean, pragmatic
design.”
from http://djangoproject.org/
3. Whence Django ?
‣ Internal project of newspaper in 2003
‣ Lawrence Journal-World
‣ Should help journalist meet faster deadlines
‣ Should not stand in the way of journalists
‣ Named after the famous guitarist Django
Reinhardt
4. Django in the news
‣ http://mps-expenses.guardian.co.uk/
‣ MP expense scandal
‣ crowdsourcing the review of 500K
documents
‣ 7 days from proof-of-concept to launch
http://simonwillison.net/2009/talks/europython-crowdsourcing/
5. Django won a pulitzer
‣ http://polifact.com/
‣ Fact checking in 2008 US presidental
election
‣ Lead developer was former journalist
‣ It was his first django application
http://www.mattwaite.com/posts/2007/aug/22/announcing-politifact/
19. “index.html”
{% extends "tutorial/base.html" %}
{% block title %}Homepage{% endblock %}
{% block content %}
{% for book in books %}
<h4>{{ book.name }}</h4>
<p>Publisher: {{ book.publisher }}</p>
<p>Date of Publication: {{ book.pubdate|date }}</p>
<p>Price ${{ book.price }}</p>
<p>Author : {% for a in book.authors.all %}{{ a.name }}{% if not
forloop.last %}, {% endif %}{% endfor %}</p>
{% endfor %}
{% endblock %}
20. Security advantages
‣ No raw SQL from the users
‣ We deal with models and queries
‣ Automatic HTML escaping
‣ No XSS attacks
‣ CSRF protection
‣ No replay of forms by other code
24. Views are just python
functions
import datetime
def view_latest_books(request, num_days):
date = datetime.datetime.now() -
datetime.timedelta(int(num_days))
books = Book.objects.filter(pubdate__gte =
date).order_by('-pubdate')
return render_to_response('books/show_books.html',
{'books': books})
25. Aggregation
‣ When you need to summarise a collection
of objects
‣ Leveraging the DB where possible
> q = Book.objects.annotate(num_authors=Count('authors'))
> [b.num_authors for b in q]
[2, 3, 1]
> Store.objects.aggregate(min_price=Min('books__price'),
max_price=Max('books__price'))
{‘min_price’ : 2.99, ‘max_price’ : 29.99}
http://docs.djangoproject.com/en/dev/topics/db/aggregation/
28. Projects contain Applications
Project
my
myapp
other_app
reuseable
app
‣ Application : self-contained set of functions
‣ Project : collection of applications, installed
into same database
‣ roughly project == a web application - has a
settings file
31. > ./manage.py runserver
Validating models...
0 errors found
Django version 1.1, using settings 'new_django_project.settings'
Development server is running at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
...
‣ Now you write your code ...
> ./manage.py syncdb
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table tutorial_author
Creating table tutorial_publisher
Creating table tutorial_book
Creating table tutorial_store
Installing index for tutorial.Book model
33. manage.py
‣ syncdb : create SQL for your models
‣ shell : start up a python shell with your
django project loaded
‣ test : run your unit tests
‣ you did write some, didn’t you ?
‣ inspectdb : reverse engineer models for
existing DB
‣ loaddata / dumpdata : load/dump your
fixtures from a DB
34. Tools to make you
more productive
all just an easy_install away
35. distutils
‣ ‘standard’ python packaging
‣ ./setup.py sdist : source packages
‣ /.setup.py bdist : binary packages
‣ Nice to integrate with other tools
‣ pip, unittest, ...
‣ ./setup.py bdist_rpm : Can produce rpm
36. Virtualenv
‣ Run separate python environments
‣ With different sets of packages
‣ And even different interpreters
‣ Easily switch between then
‣ virtualenv_wrapper gives nice bash
functions for it all
http://pypi.python.org/pypi/virtualenv
39. PIP
‣ Better installation manager
‣ ‘easy_install’ with dependency ordering
‣ Integrated with virtualenv
‣ Allow to ‘freeze’ a set of packages
‣ and re-install to the same level
http://pypi.python.org/pypi/pip
41. django-command-extensions
‣ Extra manage.py commands
‣ shell_plus : a better python shell
‣ runserver_plus : a better debugging
server (werkzeug)
‣ show_urls : dump the url map of your
site
43. and of course, unittest
‣ Django supports :
‣ doctest : useful for simple model validation
‣ unittest : you did write some, didn’t you ?
‣ test client : acts a dummy web browser
‣ Test your views
‣ fixture loading : have a set of complex test data
‣ generated from your production database
49. Multi-DB
‣ Allows your models to be in multiple DBs
‣ Different applications in different DBs
‣ ‘sharding’ of objects across DBs
‣ using slaves for read-only operations
50. Other
‣ Admin UI enhancements
‣ autocompletion
‣ better inline handling
‣ Non-relational database support
‣ CouchDB, MongoDB, tokyo Tyrant,
Google Bigtable, SimpleDB
52. ‣ http://docs.djangoproject.com/
‣ Django community RSS feed
‣ http://www.djangoproject.com/community/
‣ Mailing lists
‣ django-dev to understand how the developers
think
‣ django-users to ask for help
‣ DjangoCon presentations
‣ http://www.djangocon.org/
56. Credits
‣ XKCD for cartoons
‣ Amazon.com for book pictures
‣ Initial inspiration for slides and examples
from Joaquim Rocha, Abe Estrada
‣ http://www.slideshare.net/j_rocha/django-intro
‣ http://www.slideshare.net/AbeEstrada/django-web-framework-presentation-822177
‣ http://www.djangoproject.com/