The Django Book, Chapter 16: django.contrib
32
django.contrib 2013-09-02. Django Workshop.
-
Upload
tzu-ping-chung -
Category
Technology
-
view
458 -
download
1
description
Discusses Chapter 16 of The Django Book, and some other django.contrib packages such as ContentTypes, Comments, etc.
Transcript of The Django Book, Chapter 16: django.contrib
django.contrib2013-09-02. Django Workshop.
About me
• TP (@uranusjr)
• RTFD
• Find me anywhere
django.contrib
• Utilities
• Optional
• Don’t (need to) re-invent the wheels
• These serves as examples if you want!
• May change in the future
django.contrib
• Utilities
• Optional
• Don’t (need to) re-invent the wheels
• These serves as examples if you want!
• May change in the future
Major changes Since 1.3Packages
Major changesMajor changesPackages
Since Notes
auth 1.5 Custom user model; get_profile() deprecated
formtools 1.4 Reimplemented with CBVs
staticfiles 1.4 New {% static %} template tag
localflavor 1.5 Deprecated
markup 1.5 Deprecated
django.contrib
• Site-building tools
• Auth & auth, sessions, etc.
• Utilities
• Page generation, messaging, etc.
• Black magic
django.contrib
• Site-building tools
• Auth & auth, sessions, etc.
• Utilities
• Page generation, messaging, etc.
• Black magic
Previously, on TDB...
• admin (Chapter 6)
• sitemaps, syndication (Chapter 13)
• auth, sessions (Chapter 14)
CSRF Protection
• CSRF: Cross-Site Request Forgery
• Prevention
• Use POST for state-changing processes
• Add a token to every POST form
• Only allow POST when the form has an appropriate token value
django.contrib.csrf
• Depends on django.contrib.sessions
• Template tag {% csrf_token %}
• Middleware CsrfMiddleware
• Beware of its limitations!
• AJAX contents
• Don’t use @csrf_exempt unless needed
django.contrib.sites
• Sharing a data base between multiple sites
• Site: A name and a domain
• A SITE_ID in settings.py
• The Site model
• Site.objects.get_current()
• The CurrentSiteManager
Content-Serving
• django.contrib.flatpages
• Reuse templates for “static” web pages without redundant views
• django.contrib.redirects
• Manage redirections in the database
• django.contrib.admindocs
Cool Thingz
• django.contrib.formtools
• Split Django form into multiple pages
• django.contrib.gis
• GeoDjango
• django.contrib.humanize
• django.contrib.webdesign
Questions?
Django’s void *
• Django’s relations require concrete targets
• Multi-table subclassing is costly
• A “pointer to anything”
It’s Possible
• Python uses duck-typing already
• Magic built-in: getattribute
• Django’s get_model
• Django relations are just ids
ContentTypes
• GenericForeignKey
• GenericRelation
• Forms and formsets
• Admin inlines
But How?
• A ContentType model
• post_syncdb.connect(update_contenttypes)
• GenericForeignKey needs two helping fields
• A ForeignKey to ContentType
• A field to hold the primary key (usually a PositiveIntegerField)
from django.db import modelsfrom django.contrib.contenttypes import generic
class Attachment(models.Model): attached_file = models.FileField(...) content_type = models.ForeignKey( 'contenttypes.ContentType' ) object_id = models.PositiveIntegerField() content_object = generic.GenericForeignKey( 'content_type', 'object_id' )
# ... blah blah blah ...
from django.db import modelsfrom django.contrib.contenttypes import generic
class Attachment(models.Model): attached_file = models.FileField(...) content_type = models.ForeignKey( 'contenttypes.ContentType' ) object_id = models.PositiveIntegerField() content_object = generic.GenericForeignKey( 'content_type', 'object_id' )
# ... blah blah blah ...
from django.db import modelsfrom django.contrib.contenttypes import generic
class Attachment(models.Model): attached_file = models.FileField(...) content_type = models.ForeignKey( 'contenttypes.ContentType' ) object_id = models.PositiveIntegerField() content_object = generic.GenericForeignKey( 'content_type', 'object_id' )
# ... blah blah blah ...
from django.db import modelsfrom django.contrib.contenttypes import generic
class Attachment(models.Model): attached_file = models.FileField(...) content_type = models.ForeignKey( 'contenttypes.ContentType' ) object_id = models.PositiveIntegerField() content_object = generic.GenericForeignKey()
# ... blah blah blah ...
post_attachments = Attachment.objects.filter( content_object=BlogPost.objects.latest('id'))
taget_user = User.objects.get(username='uranusjr')message = Message.objects.filter( from_user=request.user, to_user=taget_user).latest('created_at')message_attachment = Attachment.objects.filter( content_object=message)message_attachment.content_object = ...message_attachment.save()
Caveats
• Not really a database field
• Cannot filter (or exclude, get, etc.)
• Cannot aggregate
• Some annotations do work
• No automatic reverse
from django.db import modelsfrom django.contrib.contenttypes import generic
class BlogPost(models.Model): # ... blah blah blah ... attachments = generic.GenericRelation(Attachment)
# ... blah blah blah ...
from django.db import modelsfrom django.contrib.contenttypes import generic
class BlogPost(models.Model): # ... blah blah blah ... attachments = generic.GenericRelation(Attachment)
# ... blah blah blah ...
blog_post = BlogPost.objects.latest('id')
# These two become equivalentAttachment.objects.filter(content_object=blog_post)blog_post.attachments
Applications
• django.contrib.comments
• django-ratings
• Post tagging
• “Like”
django.contrib
• Utilities
• Optional
• Don’t (need to) re-invent the wheels
• If you have to, these serves as examples
• May change in the future
django.contrib
• Site-building tools
• Auth & auth, sessions, etc.
• Utilities
• Page generation, messaging, etc.
• Black magic
django.contrib
• Site-building tools
• Auth & auth, sessions, etc.
• Utilities
• Page generation, messaging, etc.
• Black magic
• Hacks (in a good way!)
Questions?
