1. Settings file
What is secret key?
- The secret key is a string used to provide cryptographic signing and encryption in Django.
- It is used to secure cookies, session data, and other sensitive information.
- It is recommended that this key is kept secret and not shared publicly.
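To see why the key has to stay secret, here is an added example (not code from the original post, and not Django's own implementation, which lives in django.core.signing and differs in detail) that signs a cookie-style value with HMAC-SHA256 and rejects it when the value or the key changes. The key, the value format and the function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample key; a real SECRET_KEY is long, random and kept out of source control.
SECRET_KEY = b"constructed-example-key-not-for-real-use"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign(value: str, key: bytes = SECRET_KEY) -> str:
    """Return 'value:signature', where the signature is an HMAC-SHA256 tag."""
    tag = hmac.new(key, value.encode(), hashlib.sha256).digest()
    return f"{value}:{_b64(tag)}"


def unsign(signed: str, key: bytes = SECRET_KEY) -> str:
    """Return the original value, or raise ValueError if the tag does not match."""
    value, sep, _tag = signed.rpartition(":")
    if not sep:
        raise ValueError("no signature found")
    expected = sign(value, key)
    # compare_digest runs in constant time, so it does not leak where the mismatch is
    if not hmac.compare_digest(expected.encode(), signed.encode()):
        raise ValueError("signature mismatch")
    return value


def is_valid(signed: str, key: bytes = SECRET_KEY) -> bool:
    try:
        unsign(signed, key)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    cookie = sign("user_id=42")
    print(cookie, is_valid(cookie))
    tampered = cookie.replace("user_id=42", "user_id=1")
    print(tampered, is_valid(tampered))            # value changed, tag no longer matches
    print(is_valid(cookie, key=b"rotated-key"))    # key changed, old tags stop verifying
```

Anyone who holds the key can produce tags that verify, which is why it must not be committed to a public repository.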
What are the default Django apps inside it? Are there more?
- Django comes with a number of built-in apps, including admin, auth, contenttypes, sessions, messages, and staticfiles.
- There are also many third-party apps available that can be easily installed via pip.
What is middleware? What are different kinds of middleware?
- Middleware is a way to add extra functionality to the request/response processing in Django.
- There are different types of middleware hooks, including process_request, process_view, process_exception, and process_response.
- Security middleware can help prevent common vulnerabilities like CSRF, XSS, and Clickjacking.
Django Security
Django has several built-in security features to help protect against common web application vulnerabilities. Some of these include:
- CSRF protection: Cross-site request forgery protection helps prevent unauthorized actions on behalf of a user.
- XSS protection: Cross-site scripting protection helps prevent injection attacks that can execute malicious code in a user's browser.
- Clickjacking protection: Clickjacking protection helps prevent attackers from tricking users into clicking on hidden or disguised elements.
CSRF
CSRF (cross-site request forgery) is an attack in which an unauthorized party performs actions on behalf of an unsuspecting user.
XSS
Cross-site scripting (XSS) is a type of attack where an attacker can inject malicious code into a website, which can then be executed by other users who view the page. Django includes built-in XSS protection to help prevent these attacks.
Clickjacking
Clickjacking is a type of attack where an attacker tricks a user into clicking on something they didn't intend to click on. Django includes built-in clickjacking protection to help prevent these attacks.
Other middleware
There are many other types of middleware available for Django, including caching middleware, authentication middleware, and compression middleware.
What is WSGI?
- The WSGI (Web Server Gateway Interface) is a set of guidelines that define a uniform interface between web servers and web applications.
- Django includes a built-in WSGI server that can be used for development.
- For production use, it is recommended to use a dedicated web server like Apache or Nginx with a WSGI interface like mod_wsgi or uWSGI.
2. Models file
What is on_delete CASCADE?
- The on_delete argument in Django allows you to specify how related objects should be treated when the parent object is deleted.
- When a parent object is deleted, the CASCADE option will automatically delete any related objects as well.
Fields and Validators
- Django provides a variety of fields and validators that can be used in your models to define the structure of your database tables.
- Some of the most common fields include CharField, IntegerField, DateField, DateTimeField, and ForeignKey.
- Validators are used to validate the data entered by the user before it is saved to the database.
- Some common validators include MaxValueValidator, MinValueValidator, and RegexValidator.
Python module vs Python class
- In Python, a module is a file containing Python definitions and statements, while a class is a blueprint for creating objects.
- In Django models, a module typically contains multiple classes, each representing a database table.
- The module itself is simply a file that contains these class definitions.
- Each class within the module represents a specific database table, with the class attributes defining the table fields and their data types.
3. Django ORM
Using ORM queries in Django Shell
- The Django shell provides a way to interact with your database using Python code.
- You can use ORM queries to retrieve and manipulate data in the shell just like you would in a Python script.
Turning ORM to SQL in Django Shell
- You can use the query attribute of a Django ORM query to view the corresponding SQL query that will be executed.
- For example, if you have a QuerySet called my_queryset, you can view the corresponding SQL query by calling print(my_queryset.query).
What are Aggregations?
- Aggregations in Django are a way to perform calculations on a set of objects and return a single value.
- Some common aggregations include count, sum, avg, min, and max.
What are Annotations?
- Annotations in Django allow you to add extra information to each object in a QuerySet.
- You can use annotations to add calculated fields, perform subqueries, and more.
What is a migration file? Why is it needed?
- A migration file in Django is a Python script that describes the changes that need to be made to the database schema.
- It is created using the makemigrations command and is used to update the database schema when changes are made to your models.
What are SQL transactions?
- SQL transactions are a way to ensure that multiple SQL statements are executed as a single, atomic operation.
- This helps to ensure data consistency and prevent race conditions.
- Transactions are controlled using SQL commands like BEGIN and COMMIT.
What are atomic transactions?
- In Django, atomic transactions are a way to ensure that multiple ORM operations are executed as a single, atomic operation.
- This helps to ensure data consistency and prevent race conditions.
- Atomic transactions can be started using transaction.atomic as a decorator or context manager.
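The two sections above on SQL transactions and atomic transactions describe the same guarantee. This added example (not from the original post) uses the standard-library sqlite3 module rather than the Django ORM to show what goes wrong without a transaction and how BEGIN, COMMIT and ROLLBACK prevent it. The account table and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # isolation_level=None: sqlite3 issues no implicit BEGIN, so we control transactions
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute("CREATE TABLE account (name TEXT PRIMARY KEY, "
                 "balance INTEGER NOT NULL CHECK (balance >= 0))")
    conn.execute("INSERT INTO account VALUES ('alice', 100), ('bob', 0)")
    return conn


def balances(conn):
    return dict(conn.execute("SELECT name, balance FROM account"))


def transfer_unsafe(conn, src, dst, amount):
    """Two autocommitted statements: a failure in between leaves a partial update."""
    conn.execute("UPDATE account SET balance = balance + ? WHERE name = ?", (amount, dst))
    conn.execute("UPDATE account SET balance = balance - ? WHERE name = ?", (amount, src))


def transfer_atomic(conn, src, dst, amount):
    """The same statements inside BEGIN ... COMMIT; any error triggers ROLLBACK."""
    conn.execute("BEGIN")
    try:
        transfer_unsafe(conn, src, dst, amount)
        conn.execute("COMMIT")
    except Exception:
        conn.execute("ROLLBACK")
        raise


def attempt(transfer, amount):
    """Transfer from alice to bob on a fresh database; return the resulting balances."""
    conn = make_db()
    try:
        transfer(conn, "alice", "bob", amount)
    except sqlite3.IntegrityError:
        pass  # the CHECK constraint rejected the overdraft
    return balances(conn)


if __name__ == "__main__":
    print(attempt(transfer_unsafe, 150))  # bob is credited although the debit failed
    print(attempt(transfer_atomic, 150))  # both updates are undone
    print(attempt(transfer_atomic, 30))   # both updates are committed
```

In Django, wrapping the two ORM updates in a transaction.atomic block gives the same commit-or-rollback behaviour.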