Raphael Michel

I‘m a software developer working with the web for more than thirteen years and with Python and Django for over seven years. I run a small software company and maintain multiple open source projects. The most notable Django-based one is pretix, a full-featured and free conference ticketing software.

The speaker's profile picture


Security strategies for multi-tenant applications
Raphael Michel

When writing multi-tenant applications, a very typical and dangerous bug is to forget about a WHERE statement and show data to the wrong users. This often goes unnoticed, since most people are only testing with one user account. This talk discusses strategies to prevent this class of error entirely.