“Security strategies for multi-tenant applications” Raphael Michel · Talk (40 minutes)
When writing multi-tenant applications, a very typical and dangerous bug is to forget about a WHERE statement and show data to the wrong users. This often goes unnoticed, since most people are only testing with one user account. This talk discusses strategies to prevent this class of error entirely.
“Search Options in Django” Stefan Baerisch · Talk (40 minutes)
I like websites with search bars. If the search function works well, I can enter a few words and get a list of results, with the things that interest me at the top. Whether you use it as a help system or for product information, search functionality can add a lot of value to a Django application. B…
“A Pony On The Move: How Migrations Work In Django 🐎” Markus Holtermann · Talk (40 minutes)
Django ships with a built-in migration framework since version 1.7 in 2014. While migrations are widely used by almost every Django project ever since, there is little known about the internals of the migration framework. This talk will look into its components and how they are tied together.
“How To Break Django: With Async” Andrew Godwin · Talk (40 minutes)
Curious how to put your code into a deadlock? Want infinite loops, but in parallel? Or just want a new, exciting kind of data corruption? We'll look at these and other ways that asynchronous code can make you write some spectacularly nasty code, as well as the ways Django tries to save you from the…
“Ceci n'est pas un job” Leila Verhaegen · Talk (40 minutes)
More than once I have had the pleasure of being informed that my job (which by the way, is also the job of quite a few members of the DjangoCon audience) is not a “real” job.
In this talk I will try to discover what a “real job” is. I will also find out more about what is “real”, and what is a “job…
“Implementing a Cross-DB JSONField” Sage M. Abdullah · Talk (40 minutes)
Tired of dealing with structured data? Want to avoid database migrations? Try
This talk explains the implementation of a cross-DB
JSONField, a new feature released in Django 3.1, that can be used on all database backends supported by Django.
“Developing a Security Mindset: Practical Lessons for Pythonistas” Hayley Denbraver · Talk (40 minutes)
This talk will discuss why developers should grow their security mindset and will give them practical advice for how to do so—even in a workplace where many issues compete for their attention. Examples will be given from the Python and Django world and should be of interest to those new to security…
“How to Hack a Django Website” Adam Johnson · Talk (40 minutes)
Why did Facebook have a public Django-based site that got hacked? What was the flaw discovered in GitHub's password reset mechanism that was also found to affect Django auth? Are your projects vulnerable?
I'll walk you through some stories of common web vulnerabilities, and what they mean for Djang…
“C is for Cookie” Russell Keith-Magee · Talk (40 minutes)
“Choose, and choose quickly: Optimising ModelChoiceField” Carlton Gibson · Talk (40 minutes)
Ever had a ModelForm, a DRF Serializer, a FilterSet grind to a halt rendering a choice field? Of course you have. Ever given up on it and resorted to raw ids? -- No don't answer that.
We're going to look at how you can get a grip on ModelChoiceField when you're dealing with lots of related objects,…
“Digitisation and Education — How the AlekSIS project fosters co-creation of school software by young people” Tom Teichler, Dominik George · Talk (40 minutes)
Free software is all about participation, and projects can empower young people to participate by designing their software in a way that opens it up for learning and teaching in education. This talk reports from the AlekSIS project that develops real-world educational software that is intended to b…
“Understanding Celery to maintain your sanity” Ashwini Balnaves · Talk (40 minutes)
Many Django apps use Celery as a task queue for long running tasks. Many talks and blogs focus on how to use Celery. But we can't stop there. Once you're actually using Celery it's time to understand what it is actually doing so you can be prepared for when things go wrong and know what tools are o…
“A Pentester's Thoughts on Django Security” Pascal Uter · Talk (40 minutes)
Django can make you feel like you are in security heaven and yet there are some pitfalls to avoid. In this talk, I want to praise Django design choices, give an overview of Django's security features and their limitations and conclude with some general security best practices to keep in mind.
“How To Get On This Stage (And What To Do When You Get There)” Mark Smith · Talk (40 minutes)
Would you like to give a talk at DjangoCon, but don't know where to start? Does the idea of getting on the stage terrify you? This talk will tell you why you should give a talk and how to go about it. I'll cover submitting a proposal, writing your talk, preparing to speak and actually getting behin…
“GraphQL-first Django” Marcin Gębala · Talk (40 minutes)
GraphQL is a more flexible alternative to REST for building web APIs, and thus is becoming a strong foundation for any modern web stack. This is especially true where static HTML templates are not cutting it or a sophisticated single-page interface is needed, which is often the case on the web nowa…
“Integrating Design and Development teams by implementing a Design System” Mariana Bedran Lesche, Daniela Falcone · Talk (40 minutes)
In the software industry, developers, designers and stakeholders should be working together to achieve the same goals and deliver high quality products to the final users. To be actually able to work together in an efficient and harmonic way, though, is a whole other thing. In a team composed by de…
“The Design and Development of Choices in Django 3.0” Shai Berger · Talk (40 minutes)
The story of how the Choices feature in Django 3.0 came to be, and how we met challenges of design, implementation, and the project's process. A peek "behind the curtains"(*) of Django development - from discussions and proof-of-concept to a merged PR - and some lessons learned.
(*) It's all public
“There’s more than one way to draw a map - lessons learned after the Google Maps SDK became unaffordable” Basil Dubyk, Alexander Gaevsky · Talk (40 minutes)
The Google Maps SDK: well-known, powerful, and extremely popular - and after July 2018, suddenly unaffordable. We needed to find an alternative for Django geospatial projects. This is the story of our search and what we found, and the lessons that we’d like to share from the experience. The good ne…
“Can't Get You Out of My Head” Aaron Bassett · Talk (40 minutes)
Our devices are continually sending and receiving a complex set of instructions and information every time they interact over HTTP. While this mostly invisible interaction is primarily made up of the same standard set of attributes what oddities would we discover if we spidered 10,000,000 domains?
“Creating a spotify-like personal streaming service with Django and Vue: Lessons learned” Emma Delescolle · Talk (40 minutes)
In today's web, working with a frontend framework or library is becoming the norm. Vue is one of the most popular ones but how does it play with Django, what are the advantages and caveats?
We'll use a practical example to explore some of those, ranging from getting the 2 frameworks to "just" work …
“New ways to deploy your Django app” Tom Dyson · Talk (40 minutes)
For many people, deploying their site is still the hardest part of being a Django developer. This talk will demonstrate three modern, low-cost alternatives to the standard approaches. I'll show how to deploy the same app three times, using self-hosted Docker, Google Cloud Run and static site genera…
“Accessibility wins for Django projects” Thibaud Colas · Talk (40 minutes)
Accessibility is a big topic, which can be hard to approach. We'll look at how the team behind Wagtail set to work on making their CMS more accessible, focusing on Django-specific improvements that are relevant to all projects.
Along the way we'll learn about,
- Why we care about making accessible s…
“KEYNOTE - Biometric Unsecurity” Carina C. Zona · Keynote (75 minutes)
Biometrics are widely regarded by the public, and many developers, as heightened security. Their actual track record tells a very different story. Biometric technologies are systematically making the world a less safe place. We have an obligation to do something about that. And we can.
“KEYNOTE - Ecosystem Revolution with Django” Luis Roque · Keynote (75 minutes)
Over the last few years, Portugal has become a pool of talent with an above-average success rate in tech-driven companies. This results in the fuelling of the country’s technological scene and in the growth of an ecosystem of innovative startups. These tech businesses are increasingly relying on th…