Django is a high-level Python web framework that enables rapid development of secure and easy-to-maintain websites. Built by experienced developers, Django takes care of much of the hassle of web development, so you can focus on writing your app without reinventing the wheel. It is free and open source, has a thriving and active community, excellent documentation, and plenty of free and paid support options.
Django helps you write software that is:
Django follows the “batteries included” philosophy and provides almost everything developers might want to do “out of the box”. Because everything you need is part of one “product”, it all works seamlessly together, follows consistent design principles, and has extensive and up-to-date documentation.
Django can be (and has been) used to create almost any type of website, from content management systems and wikis to social networking and news sites. It can work with any client-side framework and can serve content in almost any format (including HTML, RSS feeds, JSON and XML).
Internally, while it offers options for just about any functionality you want (e.g. various popular databases, template engines, etc.), it can also be extended to use other components if needed.
Django helps developers avoid many common security pitfalls by providing a framework that has been designed to “do the right thing” to automatically secure the website. For example, Django provides a secure way to manage user accounts and passwords, avoiding common mistakes like putting session information in cookies where it is vulnerable (instead, cookies just contain a key and the actual data is stored in the database) or storing passwords directly instead of a password hash.
A password hash is a fixed-length value created by sending the password through a cryptographic hash function. Django can check if an entered password is correct by running it through the hash function and comparing the output with the stored hash value. However, due to the “one-way” nature of the function, even if a stored hash value is compromised, it is difficult for an attacker to guess the original password.
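The hash-then-compare check described above, as an added example using only the Python standard library; it is not Django's own code. It assumes the `algorithm$iterations$salt$hash` layout of Django's default PBKDF2-SHA256 hasher, and the per-password salt, the iteration count and the names `make_hash` and `verify` are assumptions that go beyond what this page states.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000  # constructed value for this example, not taken from the page


def make_hash(password: str, salt: Optional[str] = None,
              iterations: int = ITERATIONS) -> str:
    """Return the string that is stored in the database instead of the password."""
    if salt is None:
        salt = secrets.token_urlsafe(16)  # fresh random salt per password
    if "$" in salt:
        raise ValueError("salt must not contain the field separator '$'")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations)
    return f"{ALGORITHM}${iterations}${salt}${base64.b64encode(digest).decode()}"


def verify(password: str, stored: str) -> bool:
    """Re-run the hash with the stored salt and iterations, then compare."""
    try:
        algorithm, iterations, salt, _ = stored.split("$", 3)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record: reject instead of raising
    if algorithm != ALGORITHM or rounds < 1:
        return False
    candidate = make_hash(password, salt, rounds)
    # Constant-time comparison so timing does not reveal how many bytes matched.
    return hmac.compare_digest(candidate.encode(), stored.encode())


if __name__ == "__main__":
    record = make_hash("correct horse battery staple")  # constructed sample password
    print(record)
    print(verify("correct horse battery staple", record))  # entered password matches
    print(verify("Tr0ub4dor&3", record))                   # wrong password is rejected
```

Because the salt is random, the same password produces a different stored value each time, so identical passwords cannot be spotted by comparing database rows.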
Django enables protection against many vulnerabilities by default, including SQL injection, cross-site scripting, cross-site request forgery, and clickjacking (see website security for more details on such attacks).
Django uses a component-based “shared-nothing” architecture (each part of the architecture is independent of the others, and therefore can be replaced or changed if necessary). Having a clear separation between the different parts means you can scale to handle increased traffic by adding hardware at any level: caching servers, database servers, or application servers. Some of the busiest sites have successfully scaled Django to meet their demands (for example, Instagram and Disqus, to name just two).
Django code is written using design principles and patterns that encourage the creation of code that can be maintained and reused. In particular, it makes use of the Don't Repeat Yourself (DRY) principle so that there are no unnecessary duplications, thus reducing the amount of code. Django also promotes bundling related functions into reusable “applications” and, at a lower level, bundling related code into modules (in the vein of the Model View Controller (MVC) pattern).
Django is written in Python, which runs on many platforms. That means you’re not tied to any particular server platform and can run your applications on many versions of Linux, Windows, and macOS. Additionally, Django is well supported by many web hosts, who often provide infrastructure and documentation specific to hosting Django sites.