Please take a few minutes to complete the 2020 survey and help guide the future development of Django.
From Django Girls workshop mentee in 2017 to lead organizer of PyLadies Ghana and co-organizer of PyCon Africa 2019, Abigail received the PSF Community Service Award for Q1 2020.
Speed up parallel testing via this excerpt from Adam Johnson's book Speed Up Your Django Tests.
A look at benchmarks and concurrency in Django vs competing web frameworks.
A beginner-friendly guide to Docker and Django local development.
PostGIS adds geographic object support to PostgreSQL and is used in the GeoDjango module.
An overview of various exploits that can work against the Django templating engine in a modern web application.
A nice beginner's intro to creating a model and a superuser.
A guide to configuring logging for Django, NGINX, and Gunicorn.
A step-by-step guide to a basic Todo app using Django, Django Rest Framework, Alpine.js, and Axios.
fetch to make AJAX GET and POST requests in Django.
Are you bored of waiting for "manage.py test" to finish? Read this book while you wait! It has many tips and tricks that apply to all projects, big and small, and it covers both Django's test framework and pytest.
If you have been looking for a Django HTML template linter, then checkout out Curlylint. It's experimental and very promising.
Experimental HTML templates linting for Jinja, Nunjucks, Django templates, Twig, Liquid
On the roadmap:
- More checks for common accessibility issues in HTML.
- Checks for common security issues – for exameple
rel="noopener noreferrer", or known sources of XSS vulnerabilities.
- More ideas welcome!
Curlylint is available on PyPI, grab it and you can start linting:
# Assuming you’re using Python 3.6+, pip install curlylint # Now time to lint those templates! curlylint template-directory/
Have a look at our documentation to make the most of it:
See anything you like in here? Anything missing? We welcome all support, whether on bug reports, feature requests…
Transparent field-level encryption for Django using the pgcrypto PostgreSQL extension.
Transparent field level encryption for Django using the pgcrypto postgresql extension.
django-pgcrypto-fields is a
Django extension which relies upon
encrypt and decrypt data for fields.
- postgres with
- Supports Django 1.11.x, 2.2.x, and 3.0.x
- Compatible with Python 3 only
Last version of this library that supports
Django 1.8.x, 1.9.x, 1.10.x
pip install django-pgcrypto-fields
Our library support different crypto keys for multiple databases by
defining the keys in your
import os BASEDIR = os.path.dirname(os.path.dirname(__file__)) PUBLIC_PGP_KEY_PATH = os.path.abspath(os.path.join(BASEDIR, 'public.key')) PRIVATE_PGP_KEY_PATH = os.path.abspath(os.path.join(BASEDIR, 'private.key')) # Used by PGPPublicKeyField used by default if not specified by the db PUBLIC_PGP_KEY = open(PUBLIC_PGP_KEY_PATH).read() PRIVATE_PGP_KEY…
The QuerySetSequence wrapper helps to deal with disparate QuerySet classes, while treating them as a single QuerySet.
QuerySetSequence wrapper helps to deal with disparate
classes, while treating them as a single
Listed below are features of Django's
implements. The behavior should match that of
QuerySet, but applied across
- Methods that take a list of fields (e.g.
order_by()) must use fields that are common across all sub-
- Relationships across related models work (e.g.
- The sub-
QuerySetsare evaluated as late as possible (e.g. during iteration, slicing, pickling,
QuerySetAPI methods that are untested/unimplemented raise
QuerySet API implemented by
An XSS vulnerability fuzz tester for Django views.
Django XSS Fuzzer
An XSS vulnerability fuzz tester for Django views.
This tester will inject XSS patterns into the context data for a template before it is rendered, including:
- Simple strings
- Attributes of Django ORM objects in QuerySets
The goal of this tool is to quickly find any XSS vulnerabilities in Django templates.
Install via pip
$ pip install django-xss-fuzzer
ViewFuzzerMiddleware to your middleware list for a test environment.
MIDDLEWARE = [ 'django_xss_fuzzer.ViewFuzzerMiddleware' ]
Do not deploy this to a production server!
Configure the middleware via the Django global settings.
XSS_PATTERN: An XSS patterns to try. See XSS Cheatsheet for inspiration.
XSS_INJECT_KWARGS(Default False) : A switch to disable injecting XSS view function keyword arguments
XSS_INJECT_CONTEXT_DATA(Default True) : A switch to disable injecting XSS into class data
Seed your Django database with fake data.
Django-seed allows you to write code to generate models, and seed your database with one simple
To install django-seed, use pip:
pip install django-seed
Or to install from source:
python setup.py install
Add it to your installed apps in
INSTALLED_APPS = ( 'django_seed', )
Note: When seeding models with Foreign Keys, you need to make sure that those models are seeded first. For example, if a model in app A has a foreign key to a model in app B, you must seed app B first.
Using with command
With django-seed, you can seed your database with test data from…