DEV Community

sanadiqbal

DJANGO CONCEPTS

1. Settings file

Secret Key

The secret key (the SECRET_KEY setting) is a unique string of characters used for cryptographic signing in Django. It is used to secure cookies, user sessions, and other sensitive data. Anyone who obtains the key can produce values that Django will accept as validly signed, so it should be kept confidential and never shared with others. In Django, the secret key is defined in the settings.py file.

Default Django Apps

Django comes with several apps that are listed in the settings.py file by default. These apps are:

  • django.contrib.admin: A web-based administration interface for managing the site.
  • django.contrib.auth: User authentication and authorization.
  • django.contrib.contenttypes: A framework for content types.
  • django.contrib.sessions: User session management.
  • django.contrib.messages: A messaging framework for displaying messages to users.
  • django.contrib.staticfiles: Framework for managing static files.

There are also many third-party apps available for Django that can be added to the settings.py file to extend its functionality.

Middleware

Middleware is a framework of hooks that sits between the incoming request and the outgoing response and can process either one. It can be used for authentication, logging, compression, and security. There are many types of middleware available for Django, some of which are:

  1. AuthenticationMiddleware: Adds the user object to the request.
  2. CsrfViewMiddleware: Prevents cross-site request forgery attacks.
  3. SessionMiddleware: Adds session management to the request.
  4. XFrameOptionsMiddleware: Prevents clickjacking attacks.
  5. SecurityMiddleware: Provides various security features such as SSL redirection, content type options, and HSTS.

Django Security

Django provides several security features that help prevent common web application vulnerabilities. These include:

  1. Cross-Site Request Forgery (CSRF): Django uses a CSRF token to prevent CSRF attacks.
  2. Cross-Site Scripting (XSS): Django's template system automatically escapes user input to prevent XSS attacks.
  3. Clickjacking: Django's XFrameOptionsMiddleware provides protection against clickjacking attacks.
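
The checks implied by the Secret Key, Middleware and Django Security sections above, as a stand-alone sketch. This is an added example, not code from the original post or from Django: the finding labels and both sample dicts are constructed, and Django's own `manage.py check --deploy` remains the authoritative version of these checks.

```python
# Added example: audit a Django-style settings dict without importing Django.
REQUIRED_MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]
SESSION, AUTH = REQUIRED_MIDDLEWARE[1], REQUIRED_MIDDLEWARE[3]


def audit_settings(settings):
    """Return a sorted list of finding labels (constructed, not Django check IDs)."""
    findings = set()
    key = settings.get("SECRET_KEY", "")
    # The key weaknesses Django's deploy check reports: short, low variety, auto-generated.
    if len(key) < 50 or len(set(key)) < 5 or key.startswith("django-insecure-"):
        findings.add("weak-secret-key")
    middleware = list(settings.get("MIDDLEWARE", []))
    for path in REQUIRED_MIDDLEWARE:
        if path not in middleware:
            findings.add("missing:" + path.rsplit(".", 1)[1])
    # AuthenticationMiddleware reads request.session, so SessionMiddleware must run first.
    if SESSION in middleware and AUTH in middleware:
        if middleware.index(SESSION) > middleware.index(AUTH):
            findings.add("session-after-auth")
    # SecurityMiddleware only redirects to HTTPS and sends HSTS when these are set.
    if not settings.get("SECURE_SSL_REDIRECT", False):
        findings.add("no-ssl-redirect")
    if settings.get("SECURE_HSTS_SECONDS", 0) <= 0:
        findings.add("no-hsts")
    return sorted(findings)


# Constructed sample: auto-generated key, CSRF middleware removed, auth before sessions.
WEAK = {
    "SECRET_KEY": "django-insecure-example-key",
    "MIDDLEWARE": [AUTH, SESSION, REQUIRED_MIDDLEWARE[0], REQUIRED_MIDDLEWARE[4]],
}
# Constructed sample: the key is a deterministic placeholder, not a real secret.
HARDENED = {
    "SECRET_KEY": "".join(chr(33 + (i * 7) % 90) for i in range(64)),
    "MIDDLEWARE": REQUIRED_MIDDLEWARE,
    "SECURE_SSL_REDIRECT": True,
    "SECURE_HSTS_SECONDS": 31536000,
}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_settings(cfg))
```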

WSGI

WSGI stands for Web Server Gateway Interface. It is a specification for how web servers and web applications communicate with each other. In Django, WSGI is used to connect the web server to the Django application.

2. Models file

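OnDelete Cascade

OnDelete Cascade refers to the on_delete option of a relationship field, such as a ForeignKey, being set to CASCADE. When the referenced object is deleted, the objects that point to it are automatically deleted as well. It is useful for maintaining data integrity in the database.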

Fields and Validators

Django provides many built-in fields and validators for creating models. Fields include integers, strings, dates, and files, among others. Validators are used to validate data entered by users, such as email addresses or phone numbers.

Python Module vs. Python Class

In Python, a module is a file that contains Python code, while a class is a blueprint for creating objects. In Django's models.py file, classes are used to define database tables.

3. Django ORM

ORM Queries in Django Shell

Django Shell is a command-line interface for working with Django's ORM. It can be used to test queries and run scripts. To use the ORM in the Django Shell, simply import the model and run a query.

ORM to SQL in Django Shell

A Django ORM query can be converted to SQL by reading the query attribute of a queryset and converting it to a string. This returns the SQL query that the ORM would generate for the given queryset.

Aggregations

Aggregations in Django are used to perform calculations on a set of objects, such as counting or averaging. Examples of aggregations include Sum, Count, and Avg.

Annotations

Annotations in Django are used to add calculated fields to a queryset. They can be used to perform complex calculations or to aggregate data from related models.

Migration files

A migration file is a Python script that defines changes to your database schema. When you make changes to your Django models, you create a new migration file to record those changes. Migration files are used to synchronize the database schema with the current state of your models.

SQL transactions

A SQL transaction is a sequence of SQL statements that are executed as a single unit of work. Transactions ensure that database operations are performed atomically, meaning that either all of the statements are executed successfully or none of them are executed at all.

Atomic transactions

In the Django ORM, atomic transactions are a way to ensure that a sequence of database operations is executed atomically. If any of the operations fails, the entire sequence is rolled back. This ensures that the database remains in a consistent state even if there are errors during the sequence of operations.
