Welcome to Django for Professionals, a guide to building professional websites with the Django web framework. There is a massive gulf between building simple “toy apps” that can be created and deployed quickly and what it takes to build a “production-ready” web application suitable for deployment to thousands or even millions of users. This book will show you to how to bridge that gap.
When you first install Django and create a new project the default settings are geared towards fast local development. And this makes sense: there’s no need to add all the additional features required of a large website until you know you need them. These defaults include SQLite as the default database, a local web server, local static asset hosting, built-in
User model, and
DEBUG mode turned on.
But for a production project many, if not most, of these settings must be reconfigured. And even then there can be a frustrating lack of agreement among the experts. For example, what’s the best production database to use? Many Django developers, myself included, choose PostgreSQL. It is what we will use in this book. However an argument can be made for MySQL depending on the project. It really does all depend on the specific requirements of a project.
Rather than overwhelm the reader with the full array of choices available this book shows one approach, grounded in current Django community best practices, for building a professional website. The topics covered include using Docker for local development and deployment, PostgreSQL, a custom user model, robust user authentication flow with email, comprehensive testing, environment variables, security and performance improvements, and more.
By the end of this book you will have built a professional website and learned all the necessary steps to do so. Whether you are starting a new project that hopes to be as large as Instagram (currently the largest Django website in the world) or making much-needed updates to an existing Django project, you will have the tools and knowledge to do so.
If you’re brand-new to either Django or web development, this is not the book for you. The pace will be far too fast. While you could read along, copy all the code, and have a working website at the end, I instead recommend starting with my book Django for Beginners. It starts with the very basics and progressively introduces concepts via building five increasingly complex Django applications. After completing that book you will be ready for success with this book.
We will use Docker throughout most of this book but still rely, briefly, on having Python 3, Django, and Pipenv installed locally. Git is also a necessary part of the developer toolchain. Finally, we will be using the command line extensively in this book as well so if you need a refresher on it, please see here.
Chapter 1 starts with an introduction to Docker and explores how to “Dockerize” a traditional Django project. In Chapter 2 PostgreSQL is introduced, a production-ready database that we can run locally within our Docker environment. Then Chapter 3 starts the main project in the book: an online Bookstore featuring a custom user model, payments, search, image uploads, permissions, and a host of other goodies.
Chapter 4 focuses on building out a
Pages app for a basic homepage along with robust testing which is included with every new feature on the site. In Chapter 5 a complete user registration flow is implemented from scratch using the built-in
In Chapter 7 the focus shifts to advanced user registration, namely including email-only log in and social authentication via the third-party
django-allauth package. Chapter 8 introduces environment variables, a key component of Twelve-Factor App development and a best practice widely used in the web development community. Rounding out the set up of our project, Chapter 9 focuses on email and adding a dedicated third-party provider.
The structure of the first half of the book is intentional. When it comes time to build your own Django projects, chances are you will be repeating many of the same steps from Chapters 3-9. After all, every new project needs proper configuration, user authentication, and environment variables. So treat these chapters as your detailed explanation and guide. The second half of the book focuses on specific features related to our Bookstore website.
Chapter 10 starts with building out the models, tests, and pages for our Bookstore via a
Books app. There is also a discussion of URLs and switching from
id to a slug to a UUID (Universally Unique IDentifier) in the URLs. Chapter 11 features the addition of reviews to our Bookstore and a discussion of foreign keys.
In Chapter 12 image-uploading is added and in Chapter 13 permissions are set across the site to lock it down. For any site but especially e-commerce, search is a vital component and Chapter 14 walks through building a form and increasingly complex search filters for the site.
In Chapter 15 the focus switches to performance optimizations including the addition of
django-debug-toolbar to inspect queries and templates, database indexes, front-end assets, and multiple built-in caching options. Chapter 16 covers security in Django, both the built-in options as well as additional configurations that can–and should–be added for a production environment. The final section, Chapter 17, is on deployment, the standard upgrades needed to migrate away from the Django web server, local static file handling, and configuring
The Conclusion touches upon various next steps to take with the project and additional Django best practices.
There are many code examples in this book, which are formatted as follows:
# This is Python code print(Hello, World)
For brevity we will use dots
... to denote existing code that remains unchanged, for example, in a function we are updating.
def make_my_website: ... print("All done!")
We will also use the command line console frequently to execute commands, which take the form of a
$ prefix in traditional Unix style.
$ echo "hello, world"
The result of this particular command in the next line will state:
Typically both a command and its output will be combined for brevity. The command will always be prefaced by a
$ and the output will not. For example, the command and result above would be represented as follows:
$ echo "hello, world" hello, world
A modern text editor is a must-have part of any software developer’s toolkit. Among other features they come with plug-ins that help format and correct errors in Python code. Popular options include Black, autopep8, and YAPF.
Django is an excellent choice for any developer who wants to build modern, robust web applications with a minimal amount of code. It is popular, under active development, and thoroughly battle-tested by the largest websites in the world.
Complete source code for the book can be found in the official Github repository.
In the next chapter we’ll learn how to configure any computer for Django development with Docker.