Convert Django website to PWA
We can convert a Django website to a PWA (Progressive web app) very easily.
PWA are web apps that look like a normal native app on the phone or PC. I consider it to be a shortcut for making cross-platform applications
We will be using django-pwa pa...
Read: https://dilutewater.hashnode.dev/convert-django-website-to-pwa
We can convert a Django website to a PWA (Progressive web app) very easily.
PWA are web apps that look like a normal native app on the phone or PC. I consider it to be a shortcut for making cross-platform applications
We will be using django-pwa pa...
Read: https://dilutewater.hashnode.dev/convert-django-website-to-pwa
Building a Recipe App on Vultr's Platform
Taking Flight with Vultr
Back in February, I made a very exciting move by joining Vultr
as Senior Director of Engineering. Vultr is an independent cloud provider
that has been in the industry for roughly 20 years. Over the last several years,
this h...
Read: https://vultr.hashnode.dev/building-a-recipe-app-on-vultrs-platform
Taking Flight with Vultr
Back in February, I made a very exciting move by joining Vultr
as Senior Director of Engineering. Vultr is an independent cloud provider
that has been in the industry for roughly 20 years. Over the last several years,
this h...
Read: https://vultr.hashnode.dev/building-a-recipe-app-on-vultrs-platform
Introducing Roomstack: Building an effective room and roommates finder with Django and Linode
Inspiration
At some point in college, we've all had some bad experiences finding a room or living with a bad roommate while others(mostly freshmen) who are just moving in their freshman year either had difficulties with getting an hostel or moving in...
Read: https://codlog.hashnode.dev/introducing-roomstack-building-an-effective-room-and-roommates-finder-with-django-and-linode
Inspiration
At some point in college, we've all had some bad experiences finding a room or living with a bad roommate while others(mostly freshmen) who are just moving in their freshman year either had difficulties with getting an hostel or moving in...
Read: https://codlog.hashnode.dev/introducing-roomstack-building-an-effective-room-and-roommates-finder-with-django-and-linode
Introduction to Django, Creating First Project
Django is a Python framework that simplifies the creation of web applications in Python. It handles the tedious tasks so you can focus on developing your web apps. Django stresses component reusability, commonly known as DRY (Don't Repeat Yourself), ...
Read: https://ilkecandan.hashnode.dev/introduction-to-django-creating-first-project
Django is a Python framework that simplifies the creation of web applications in Python. It handles the tedious tasks so you can focus on developing your web apps. Django stresses component reusability, commonly known as DRY (Don't Repeat Yourself), ...
Read: https://ilkecandan.hashnode.dev/introduction-to-django-creating-first-project
Creating Your First Application in Django
First of all I created a new project from terminal which is the main one and called "main"
Open a new terminal, then a new project. I will name mine "movies".
python manage.py startapp movies
Now, we need to register this app in the settings module....
Read: https://ilkecandan.hashnode.dev/creating-your-first-application-in-django
First of all I created a new project from terminal which is the main one and called "main"
Open a new terminal, then a new project. I will name mine "movies".
python manage.py startapp movies
Now, we need to register this app in the settings module....
Read: https://ilkecandan.hashnode.dev/creating-your-first-application-in-django
Reimagining front-end web development with htmx and hyperscript
We all know that to create an interactive front end for your website you need JavaScript. Not just vanilla JS, mind: we're in 2022, and to create an acceptable UI you need to be using a framework like React or Vue.js. Right?
Wrong.
In recent years, a...
Read: https://nomadiq.hashnode.dev/reimagining-front-end-web-development-with-htmx-and-hyperscript
We all know that to create an interactive front end for your website you need JavaScript. Not just vanilla JS, mind: we're in 2022, and to create an acceptable UI you need to be using a framework like React or Vue.js. Right?
Wrong.
In recent years, a...
Read: https://nomadiq.hashnode.dev/reimagining-front-end-web-development-with-htmx-and-hyperscript
The Best way: Safe way to hide secret information in any Django project
Hey!
Do you use Django in your project?
Then, this is for you. To build a web app requires writing API KEY, PASSWORD, MAIL ID, etc., sensitive information in your code. But, often, we write these pieces of information in our code straightforwardly ...
Read: https://rahulbiswas.hashnode.dev/the-best-way-safe-way-to-hide-secret-information-in-any-django-project
Hey!
Do you use Django in your project?
Then, this is for you. To build a web app requires writing API KEY, PASSWORD, MAIL ID, etc., sensitive information in your code. But, often, we write these pieces of information in our code straightforwardly ...
Read: https://rahulbiswas.hashnode.dev/the-best-way-safe-way-to-hide-secret-information-in-any-django-project
How to Protect Your Django Project's Secret Key
I have been working on some Django tasks for a while. I mistakenly pushed my secret key to my public GitHub repository.😬 Yeah, rookie mistake! 🤷🏽♂️
I immediately received an email from GitGuardian informing me of the security risks involved.
I t...
Read: https://themfon.hashnode.dev/how-to-protect-your-django-projects-secret-key
I have been working on some Django tasks for a while. I mistakenly pushed my secret key to my public GitHub repository.😬 Yeah, rookie mistake! 🤷🏽♂️
I immediately received an email from GitGuardian informing me of the security risks involved.
I t...
Read: https://themfon.hashnode.dev/how-to-protect-your-django-projects-secret-key
How to do a secure login in django
Secure Login Challenge
https://github.com/Sainya-Ranakshetram-Submission/secure-login
This project addresses all the web vulnerabilities and implements login system in a secure way
Web vulnerabilities addressed
Cross Site Forgery Request
Clickjackin...
Read: https://dhruvashaw.hashnode.dev/how-to-do-a-secure-login-in-django
Secure Login Challenge
https://github.com/Sainya-Ranakshetram-Submission/secure-login
This project addresses all the web vulnerabilities and implements login system in a secure way
Web vulnerabilities addressed
Cross Site Forgery Request
Clickjackin...
Read: https://dhruvashaw.hashnode.dev/how-to-do-a-secure-login-in-django
Debugging Django Applications in VSCode
This is very handy if our program fails to achieve the desired result and we want to run it line by line to see what went wrong.
So, click on this button and open the "run and debug" panel.
When we see the panel, we should create a launch.json file....
Read: https://ilkecandan.hashnode.dev/debugging-django-applications-in-vscode
This is very handy if our program fails to achieve the desired result and we want to run it line by line to see what went wrong.
So, click on this button and open the "run and debug" panel.
When we see the panel, we should create a launch.json file....
Read: https://ilkecandan.hashnode.dev/debugging-django-applications-in-vscode
What is Gunicorn?
What is Gunicorn?
Gunicorn is a WSGI server
As described in PEP3333, the Python Web Server Gateway Interface (WSGI) is a way to make sure that web servers and python web applications can talk to each other.
Gunicorn is built to facilitate multiple se...
Read: https://www.sidequirk.com/what-is-gunicorn
What is Gunicorn?
Gunicorn is a WSGI server
As described in PEP3333, the Python Web Server Gateway Interface (WSGI) is a way to make sure that web servers and python web applications can talk to each other.
Gunicorn is built to facilitate multiple se...
Read: https://www.sidequirk.com/what-is-gunicorn
How to set up csrf token with Django and React
I'm not sure that this implementation is completely correct from a security point, but i want write this article because i found some problems to set up django and react using the csrf.
I'm using:
Django 4.0
React 17
django-cors-headers
axios
This ...
Read: https://gimbogeek.hashnode.dev/how-to-set-up-csrf-token-with-django-and-react
I'm not sure that this implementation is completely correct from a security point, but i want write this article because i found some problems to set up django and react using the csrf.
I'm using:
Django 4.0
React 17
django-cors-headers
axios
This ...
Read: https://gimbogeek.hashnode.dev/how-to-set-up-csrf-token-with-django-and-react
Django security releases issued: 4.0.6 and 3.2.14
In accordance with our security release policy, the Django team
is issuing Django 4.0.6 and Django 3.2.14.
These release addresses the security issue detailed below. We encourage all
users of Django to upgrade as soon as possible.
CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
Trunc() and Extract() database functions were
subject to SQL injection if untrusted data was used as a kind/lookup_name value.
Applications that constrain the lookup name and kind choice to a known safe
list are unaffected.
This security release mitigates the issue, but we have identified improvements
to the Database API methods related to date extract and truncate that would be
beneficial to add to Django 4.1 before it's final release. This will impact 3rd
party database backends using Django 4.1 release candidate 1 or newer, until they
are able to update to the API changes. We apologize for the inconvenience.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
This issue has severity "high" according to the Django security policy.
Affected supported versions
* Django main branch
* Django 4.1 (currently at beta status)
* Django 4.0
* Django 3.2
Resolution
Patches to resolve the issue have been applied to Django's main branch and to
the 4.1, 4.0, and 3.2 release branches. The patches may be obtained from the
following changesets:
* On the main branch
* On the 4.1 release branch
* On the 4.0 release branch
* On the 3.2 release branch
The following releases have been issued:
* Django 4.0.6 (download Django 4.0.6 | 4.0.6 checksums)
* Django 3.2.14 (download Django 3.2.14 | 3.2.14 checksums)
The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.
General notes regarding security reporting
As always, we ask that potential security issues be reported via
private email to security@djangoproject.com, and not via Django's
Trac instance or the django-developers list. Please see our security
policies for further
information.
Read: https://www.djangoproject.com/weblog/2022/jul/04/security-releases/
In accordance with our security release policy, the Django team
is issuing Django 4.0.6 and Django 3.2.14.
These release addresses the security issue detailed below. We encourage all
users of Django to upgrade as soon as possible.
CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
Trunc() and Extract() database functions were
subject to SQL injection if untrusted data was used as a kind/lookup_name value.
Applications that constrain the lookup name and kind choice to a known safe
list are unaffected.
This security release mitigates the issue, but we have identified improvements
to the Database API methods related to date extract and truncate that would be
beneficial to add to Django 4.1 before it's final release. This will impact 3rd
party database backends using Django 4.1 release candidate 1 or newer, until they
are able to update to the API changes. We apologize for the inconvenience.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
This issue has severity "high" according to the Django security policy.
Affected supported versions
* Django main branch
* Django 4.1 (currently at beta status)
* Django 4.0
* Django 3.2
Resolution
Patches to resolve the issue have been applied to Django's main branch and to
the 4.1, 4.0, and 3.2 release branches. The patches may be obtained from the
following changesets:
* On the main branch
* On the 4.1 release branch
* On the 4.0 release branch
* On the 3.2 release branch
The following releases have been issued:
* Django 4.0.6 (download Django 4.0.6 | 4.0.6 checksums)
* Django 3.2.14 (download Django 3.2.14 | 3.2.14 checksums)
The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.
General notes regarding security reporting
As always, we ask that potential security issues be reported via
private email to security@djangoproject.com, and not via Django's
Trac instance or the django-developers list. Please see our security
policies for further
information.
Read: https://www.djangoproject.com/weblog/2022/jul/04/security-releases/
Django Data Modeling, E-Commerce Data Modeling, Model Organization in Apps
Introduction to Data Modelling
Models are used to store and retrieve data. First, of all we should always figure out pieces of data that we want to store. So, what entities or concepts do we have in an e-commerce application?
We need a concept of a p...
Read: https://ilkecandan.hashnode.dev/django-data-modeling-e-commerce-data-modeling-model-organization-in-apps
Introduction to Data Modelling
Models are used to store and retrieve data. First, of all we should always figure out pieces of data that we want to store. So, what entities or concepts do we have in an e-commerce application?
We need a concept of a p...
Read: https://ilkecandan.hashnode.dev/django-data-modeling-e-commerce-data-modeling-model-organization-in-apps
Django Built-In User Management
Django has the entire authentication systems that is ready to go. With "runserver" function go to your browser and add the "/admin" at the end of your url. Mine looks like this: http://127.0.0.1:9000/admin
We only need to make sure that our database...
Read: https://ilkecandan.hashnode.dev/django-built-in-user-management
Django has the entire authentication systems that is ready to go. With "runserver" function go to your browser and add the "/admin" at the end of your url. Mine looks like this: http://127.0.0.1:9000/admin
We only need to make sure that our database...
Read: https://ilkecandan.hashnode.dev/django-built-in-user-management
Pet-проект для обучения или как я в одиночку писал Helpdesk
Ранее, у меня уже был опыт использования Helpdesk систем, но по разным причинам они не были внедрены у нас на предприятии. Хорошая возможность научится программировать, подумал я, и преступил к написанию собственного helpdesk’a.
Читать: https://habr.com/ru/post/675492/
Ранее, у меня уже был опыт использования Helpdesk систем, но по разным причинам они не были внедрены у нас на предприятии. Хорошая возможность научится программировать, подумал я, и преступил к написанию собственного helpdesk’a.
Читать: https://habr.com/ru/post/675492/
👎1
Django's Interaction with DataBases
Let's open a new app with the code we are familiar with. I am naming mine "notes".
python manage.py startapp notes
Like previously, we should register it to settings.py file as well.
After doing that, we should go to our models.py file.
This is the...
Read: https://ilkecandan.hashnode.dev/djangos-interaction-with-databases
Let's open a new app with the code we are familiar with. I am naming mine "notes".
python manage.py startapp notes
Like previously, we should register it to settings.py file as well.
After doing that, we should go to our models.py file.
This is the...
Read: https://ilkecandan.hashnode.dev/djangos-interaction-with-databases
Django News - Django security releases issued: 4.0.6 and 3.2.14 - Jul 8th 2022
Read: https://django-news.com/issues/135
Read: https://django-news.com/issues/135
👍2