(All tags.)
I have just released the second update to Boost Your Django DX, my book of developer experience (DX) recommendations for Django projects. This update contains a new chapter, changes some recommended tools, and upgrades to Python 3.13 and Django 5.1. Overall, the book is 45 pages longer, now totalling 326!
Happy DjangoCon US 2024 to you. Whilst I am not there, I have adopted the spirit of the season and got to work hacking together a new tool.
update_last_loginDjango’s test client provides two methods to log in a user: login() and force_login(). The latter one is faster because it bypasses the authentication backend, including password hashing, and just sets a session to have the user logged in. Typically, you’d want to use it in setUp() like this:
Django provides us with a rich set of view decorators. In this post, we’ll look at a technique for hoisting repeated use of these decorators to reduce repetition.
Here’s an example of a common pattern in Django projects:
Recently, I built a Microsoft Teams bot for a client, inside their Django project. It wasn’t fun or easy, but the experience did increase my resiliency as a developer. I also went into this forewarned by my wife, a product manager also known as “the integration queen”, who has experienced the difficulties of the Teams API first-hand.
.all()”Here’s a little ORM pet peeve of mine that may deepen your understanding of how QuerySets work.
Django’s SECRET_KEY setting is used for cryptographic signing in various places, such as for session storage and password reset tokens. This makes keeping it secure a high priority since an attacker with the key could forge things like password reset tokens.
argparse, the standard library module that Django uses for parsing command line options, supports sub-commands. These are pretty neat for providing an expansive API without hundreds of individual commands. Here’s an example of using sub-commands in a Django management command:
Django requires every change to model fields and meta classes to be reflected in database migrations. This applies even to things that don’t typically affect the database, such as Field.choices. When iterating on code, it’s easy to make a model change and forget to update the migrations accordingly. If you don’t have any protection, you might even deploy code that crashes due to out-of-date migrations!
Harlequin is a Terminal-based SQL IDE by Ted Conbeer. It is pretty popular, with over 2,500 GitHub Stars and counting. It looks like this:
Here’s a small protection I added to a project a few years ago. I was considering it again since I saw a similar potential bug in a Django middleware.
Copy-paste-tweaking library code feels like a dirty but inevitable programming practice. Often driven by deadlines or other constraints, it seems all projects end up with something copy-pasted in and tweaked for one specific use case.
inspectMany terminals and text editors support what I’ll call “line number paths” of the form <filename>:<lineno>. Opening that path, whether by clicking or passing to a CLI, opens the given file at that line.
Django’s release notes are extensive and describe nearly all changes. Still, when upgrading between Django versions, you may encounter behaviour changes that are hard to relate to any particular release note.
Django’s system check framework provides fantastic protection for configuration mishaps. It’s like a targeted linter that runs when you start Django commands. It takes advantage of runtime setup to inspect the true state rather than infer it from the source.
GeoDjango requires the GDAL and GEOS spatial libraries. On macOS, you can use Homebrew to install these, but they won’t be picked up by default since they live in a non-default library directory, /opt/homebrew/lib. Django will fail to start with an exception:
Mastodon is a Twitter-like social network with a solid Django community presence. It’s a fantastic online arena for connecting with others, discovering news, discussing issues, and sharing FOMO-inducing conference photos.
pre-commit’s “fail” virtual language fails all files that it matches. Combine it with pre-commit’s file name and type matching to block unwanted files in your repository.
I just released a major update to my 2021 book Boost Your Django DX. This update contains new content, a bunch of edits, and uses the latest versions of tools, including Python 3.12 and Django 5.0.
PostgreSQL’s powerful full text search feature supports several query syntaxes. Of these, a website search feature should typically pick the websearch syntax. websearch copies some features from popular search engines, as covered below, offering familiar short syntax to users. It is also forgiving and will never raise a syntax error for user input, whilst other syntaxes can.
My two “Boost Your DX” books are available in a bundle deal, saving $10 compared to buying them separately. Great for improving your Django and Git skills at the same time.
Global Privacy Control (GPC) is a specification for web browsers to signal website operators not to share or sell the user’s data. This signal is intended to exercise legal data privacy rights such as those provided by the California Consumer Privacy Act (CCPA) or the EU’s General Data Protection Regulation (GDPR). While GPC is a proposal, support has been implemented in Firefox and several other privacy-focused browsers and extensions.
A fairly common situation in a Django project is where you need to store and serve arbitrary HTML fragments. These often come from forms with rich text editors (using HTML’s contenteditable).
This evening I held a quiz at the December London Django Meetup Group. The quiz is a regular tradition: this was the fifth quiz that I’ve presented, and the sixth overall.