Would you like to give a talk at DjangoCon, but don't know where to start? Does the idea of getting on the stage terrify you? This talk will tell you why you should give a talk and how to go about it. I'll cover submitting a proposal, writing your talk, preparing to speak and actually getting behind the lectern to thunderous applause!
"This site uses cookies"... no kidding! Every site uses cookies! Cookies are a much maligned, but essential part of the web experience. But what actually are cookies? Why are they needed? How do they work? How are they used? How are they misused? And how have they changed as the modern web as evolved?
In this talk, you'll get a complete history of browser cookies, and a deep dive into the cookie specification. You'll learn the various ways your Django site uses cookies, and how others can use use cookies on your site. And you'll get a preview of some changes that may be coming to the way the web uses cookies.
The Google Maps SDK: well-known, powerful, and extremely popular - and after July 2018, suddenly unaffordable. We needed to find an alternative for Django geospatial projects. This is the story of our search and what we found, and the lessons that we’d like to share from the experience. The good news is: we returned with new knowledge from our wanderings, and were able to migrate our existing projects successfully.
Django ships with a built-in migration framework since version 1.7 in 2014. While migrations are widely used by almost every Django project ever since, there is little known about the internals of the migration framework. This talk will look into its components and how they are tied together.
This talk will discuss why developers should grow their security mindset and will give them practical advice for how to do so—even in a workplace where many issues compete for their attention. Examples will be given from the Python and Django world and should be of interest to those new to security and those wanting to help their team develop a security mindset.
Free software is all about participation, and projects can empower young people to participate by designing their software in a way that opens it up for learning and teaching in education. This talk reports from the AlekSIS project that develops real-world educational software that is intended to be extended by the students that actually work with it.
For many people, deploying their site is still the hardest part of being a Django developer. This talk will demonstrate three modern, low-cost alternatives to the standard approaches. I'll show how to deploy the same app three times, using self-hosted Docker, Google Cloud Run and static site generation, outlining the trade-offs with each approach.
Biometrics are widely regarded by the public, and many developers, as heightened security. Their actual track record tells a very different story. Biometric technologies are systematically making the world a less safe place. We have an obligation to do something about that. And we can.
In today's web, working with a frontend framework or library is becoming the norm. Vue is one of the most popular ones but how does it play with Django, what are the advantages and caveats?
We'll use a practical example to explore some of those, ranging from getting the 2 frameworks to "just" work together to data exchange through a DRF API, authentication and websockets.
Django can make you feel like you are in security heaven and yet there are some pitfalls to avoid. In this talk, I want to praise Django design choices, give an overview of Django's security features and their limitations and conclude with some general security best practices to keep in mind.
Our devices are continually sending and receiving a complex set of instructions and information every time they interact over HTTP. While this mostly invisible interaction is primarily made up of the same standard set of attributes what oddities would we discover if we spidered 10,000,000 domains?
Why did Facebook have a public Django-based site that got hacked? What was the flaw discovered in GitHub's password reset mechanism that was also found to affect Django auth? Are your projects vulnerable?
I'll walk you through some stories of common web vulnerabilities, and what they mean for Django. I've had the pleasure of working on over 50 Django projects so far, so I've seen some patterns emerge.
More than once I have had the pleasure of being informed that my job (which by the way, is also the job of quite a few members of the DjangoCon audience) is not a “real” job.
In this talk I will try to discover what a “real job” is. I will also find out more about what is “real”, and what is a “job”.
As a person who allegedly does not have a real job, and who comes from a country (Belgium) whose reality some people also doubt, I am ideally placed to make these discoveries. I will enlist the assistance of some famous Belgians, including the famous philosopher-actor Jean-Claude Van Damme (not a real actor, according to some; not a real philosopher, according to others) and the artist René Magritte.
I plan to show that being a web developer is not really a job - it’s much more important than that.
When writing multi-tenant applications, a very typical and dangerous bug is to forget about a WHERE statement and show data to the wrong users. This often goes unnoticed, since most people are only testing with one user account. This talk discusses strategies to prevent this class of error entirely.
Tired of dealing with structured data? Want to avoid database migrations? Try JSONField
!
This talk explains the implementation of a cross-DB JSONField
, a new feature released in Django 3.1, that can be used on all database backends supported by Django.
GraphQL is a more flexible alternative to REST for building web APIs, and thus is becoming a strong foundation for any modern web stack. This is especially true where static HTML templates are not cutting it or a sophisticated single-page interface is needed, which is often the case on the web nowadays. Even though Django was designed as a model-view-template framework, it can work perfectly well as a GraphQL server to power JavaScript apps. This talk will elaborate on the anatomy of a GraphQL-first Django application, in which GraphQL queries and mutations are the primary interfaces exposed by the backend, while the frontend remains fully dynamic.
Many Django apps use Celery as a task queue for long running tasks. Many talks and blogs focus on how to use Celery. But we can't stop there. Once you're actually using Celery it's time to understand what it is actually doing so you can be prepared for when things go wrong and know what tools are out there to help you troubleshoot any issues.
I like websites with search bars. If the search function works well, I can enter a few words and get a list of results, with the things that interest me at the top. Whether you use it as a help system or for product information, search functionality can add a lot of value to a Django application. But implementing proper search functionality is not easy. Django offers multiple ways to implement search functionality, each with its advantages and disadvantages.
This talk will give you an overview of the different ways in which you can implement search functionality in Django. We will look at the full-text search options that come with databases and the use of a dedicated search engine like Elastic Search or Postgres. Along the way, you will learn about the different ways in which you can index your data to learn how to evaluate your search results.
Accessibility is a big topic, which can be hard to approach. We'll look at how the team behind Wagtail set to work on making their CMS more accessible, focusing on Django-specific improvements that are relevant to all projects.
Along the way we'll learn about,
- Why we care about making accessible sites and apps
- Accessibility considerations when modelling a site’s content
- Tooling and techniques to assess the accessibility of Django projects
In the software industry, developers, designers and stakeholders should be working together to achieve the same goals and deliver high quality products to the final users. To be actually able to work together in an efficient and harmonic way, though, is a whole other thing. In a team composed by developers and designers, we were able to mitigate the impact of communication flaws and concepts divergences in a continuous effort to cover the blank spots we found on every iteration we went through. In this talk I’m going to share some lessons learned about how to integrate both teams’ work with a solid management process.
Over the last few years, Portugal has become a pool of talent with an above-average success rate in tech-driven companies. This results in the fuelling of the country’s technological scene and in the growth of an ecosystem of innovative startups. These tech businesses are increasingly relying on the capabilities of a web framework like Django to power its developments.
Ever had a ModelForm, a DRF Serializer, a FilterSet grind to a halt rendering a choice field? Of course you have. Ever given up on it and resorted to raw ids? -- No don't answer that.
We're going to look at how you can get a grip on ModelChoiceField when you're dealing with lots of related objects, and when you need to offer that choice again and again and again, without needing to put the kettle on.
The story of how the Choices feature in Django 3.0 came to be, and how we met challenges of design, implementation, and the project's process. A peek "behind the curtains"(*) of Django development - from discussions and proof-of-concept to a merged PR - and some lessons learned.
(*) It's all public
Curious how to put your code into a deadlock? Want infinite loops, but in parallel? Or just want a new, exciting kind of data corruption? We'll look at these and other ways that asynchronous code can make you write some spectacularly nasty code, as well as the ways Django tries to save you from these terrible fates.