DEV Community: Gaurav Jain The latest articles on DEV Community by Gaurav Jain (@gauravvjn). https://dev.to/gauravvjn https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F393475%2F1f837576-a17a-4077-8307-b4989abf7445.png DEV Community: Gaurav Jain https://dev.to/gauravvjn en Writing JSON based REST APIs in Pure Django without using DRF or tastypie. Gaurav Jain Tue, 16 Jun 2020 06:33:02 +0000 https://dev.to/gauravvjn/writing-json-based-rest-apis-in-pure-django-without-using-drf-or-tastypie-19l7 https://dev.to/gauravvjn/writing-json-based-rest-apis-in-pure-django-without-using-drf-or-tastypie-19l7 <p>I was seeing a lot of posts on Facebook, Reddit, LinkedIn, etc about how people are struggling with writing APIs in Django. Moreover, introducing DRF on top of the Django to write APIs, was, kind of, overwhelming for beginners. So I decided to write a post on the same for absolute beginners keeping in mind that that they have ZERO experience with Django.</p> <p>In this article, I'm explaining how you can write pure JSON based RESTful APIs in Django without depending on any other third party library or framework such as DRF, Tastypie, etc. </p> <p>If you are a beginner and read this post, I'd appreciate if you provide me with feedback to add or explain things in more details to improve this article.</p> <p><a href="https://gauravvjn.medium.com/build-json-apis-in-django-without-drf-or-any-other-library-2c22af6105d7">https://gauravvjn.medium.com/build-json-apis-in-django-without-drf-or-any-other-library-2c22af6105d7</a></p> django python api Security in a Django Application Gaurav Jain Fri, 05 Jun 2020 05:05:54 +0000 https://dev.to/gauravvjn/security-in-a-django-application-25bd https://dev.to/gauravvjn/security-in-a-django-application-25bd <p>I have seen experienced Django developers who don't have a full understanding of SECRET_KEY setting.<br> Similarly, there are a couple of other things that most people seem to be either unaware of or ignore it.</p> <p>Security is one of the most critical aspects of any App, yet no one gives due priority to it. <br> Based on my experience so far I have compiled top common web vulnerabilities and techniques to prevent them in a Django App.</p> <p>These vulnerabilities are - </p> <ul> <li>SQL Injection</li> <li>CRLF Injection</li> <li>Timing Attack</li> <li>Clickjacking Attack</li> <li>Cross-Site Scripting (XSS)</li> <li>Cross-Site Request Forgery (CSRF)</li> <li>HTTP Strict Transport Security (SSL)</li> <li>Session Hijacking</li> <li>Denial of Service (DoS)</li> <li>Miscellaneous</li> </ul> <p>Django provides the guard against these vulnerabilities out of the box but are not enabled by default</p> <p>In the post, I describe all the steps you need to follow to make your application more secure.</p> <p>You can access the post here - <a href="https://gauravvjn.medium.com/secrets-of-security-in-a-django-application-0dfb41957eb0">https://gauravvjn.medium.com/secrets-of-security-in-a-django-application-0dfb41957eb0</a></p> django python security