Learn Web Development with Python E-Book

Learn Web Development with Python

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: December 2018

Production reference: 1201218

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78995-329-9

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the authors

Fabrizio Romano was born in Italy in 1975. He holds a master's degree in computer science engineering from the University of Padova. He is also a certified scrum master, Reiki master and teacher, and a member of CNHC.

He moved to London in 2011 to work for companies such as Glasses Direct, and TBG/Sprinklr. He now works at Sohonet as a Principal Engineer/Team Lead.

He has given talks on Teaching Python and TDD at two editions of EuroPython, and at Skillsmatter and ProgSCon, in London.

Gaston C. Hillar is Italian and has been working with computers since he was eight years old. Gaston has a bachelor's degree in computer science (graduated with honors) and an MBA. He is an independent consultant, a freelance author, and a speaker.

He has been a senior contributing editor at Dr. Dobb's and has written more than a hundred articles on software development topics. He has received the prestigious Intel® Black Belt Software Developer award eight times.

He lives with his wife, Vanesa, and his two sons, Kevin and Brandon.

Arun Ravindran is an avid speaker and blogger who has been tinkering with Django since 2007 for projects ranging from intranet applications to social networks. He is a long-time open source enthusiast and Python developer. His articles and screencasts have been invaluable to the rapidly growing Django community. He is currently a developer member of the Django Software Foundation. Arun is also a movie buff and loves graphic novels and comics.

About the reviewers

Heinrich Kruger was born in South Africa in 1981. He obtained a bachelor's degree with honors from the University of the Witwatersrand in South Africa in 2005 and a master's degree in computer science from Utrecht University in the Netherlands in 2008. He worked as a research assistant at Utrecht University from 2009 until 2013 and has been working as a professional software developer developer since 2014. He has been using Python for personal and projects and in his studies since 2004, and professionally since 2014.

Julio Vicente Trigo Guijarro is a computer science engineer with over a decade of experience in software development. He completed his studies at the University of Alicante, Spain, in 2007 and moved to London in 2010. He has been using Python since 2012 and currently works as a senior software developer and team lead at Sohonet, developing real-time collaboration applications for the media industry. He is also a certified ScrumMaster and was one of the technical reviewers of the first edition of this book.

Norbert Mate is a web developer who started his career back in 2008. His first programming language as a professional web development was PHP, and then he moved on to JavaScript/node.js and Python/Django/Django REST framework. He is passionate about software architecture, design patterns, and clean code.

Antoni Aloy is a computer engineer graduated from the Universitat Oberta de Catalunya (UOC). He has been working with Python since 1999 and with Django since its early releases. In 2009, he founded APSL (apsl.net), a development and IT company based in Mallorca (Spain), in which Python and Django are the backbone of the software development department. He is also a founding member of the Python España Association and promotes the use of Python and Django through workshops and articles.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Learn Web Development with Python

About Packt

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Conventions used

Get in touch

Reviews

A Gentle Introduction to Python

A proper introduction

Enter the Python

About Python

Portability

Coherence

Developer productivity

An extensive library

Software quality

Software integration

Satisfaction and enjoyment

What are the drawbacks?

Who is using Python today?

Setting up the environment

Python 2 versus Python 3

Installing Python

Setting up the Python interpreter

About virtualenv

Your first virtual environment

Your friend, the console

How you can run a Python program

Running Python scripts

Running the Python interactive shell

Running Python as a service

Running Python as a GUI application

How is Python code organized?

How do we use modules and packages?

Python's execution model

Names and namespaces

Scopes

Objects and classes

Guidelines on how to write good code

The Python culture

A note on IDEs

Summary

Built-in Data Types

Everything is an object

Mutable or immutable? That is the question

Numbers

Integers

Booleans

Real numbers

Complex numbers

Fractions and decimals

Immutable sequences

Strings and bytes

Encoding and decoding strings

Indexing and slicing strings

String formatting

Tuples

Mutable sequences

Lists

Byte arrays

Set types

Mapping types – dictionaries

The collections module

namedtuple

defaultdict

ChainMap

Enums

Final considerations

Small values caching

How to choose data structures

About indexing and slicing

About the names

Summary

Iterating and Making Decisions

Conditional programming

A specialized else – elif

The ternary operator

Looping

The for loop

Iterating over a range

Iterating over a sequence

Iterators and iterables

Iterating over multiple sequences

The while loop

The break and continue statements

A special else clause

Putting all this together

A prime generator

Applying discounts

A quick peek at the itertools module

Infinite iterators

Iterators terminating on the shortest input sequence

Combinatoric generators

Summary

Functions, the Building Blocks of Code

Why use functions?

Reducing code duplication

Splitting a complex task

Hiding implementation details

Improving readability

Improving traceability

Scopes and name resolution

The global and nonlocal statements

Input parameters

Argument-passing

Assignment to argument names doesn't affect the caller

Changing a mutable affects the caller

How to specify input parameters

Positional arguments

Keyword arguments and default values

Variable positional arguments

Variable keyword arguments

Keyword-only arguments

Combining input parameters

Additional unpacking generalizations

Avoid the trap! Mutable defaults

Return values

Returning multiple values

A few useful tips

Recursive functions

Anonymous functions

Function attributes

Built-in functions

One final example

Documenting your code

Importing objects

Relative imports

Summary

Saving Time and Memory

The map, zip, and filter functions

map

zip

filter

Comprehensions

Nested comprehensions

Filtering a comprehension

dict comprehensions

set comprehensions

Generators

Generator functions

Going beyond next

The yield from expression

Generator expressions

Some performance considerations

Don't overdo comprehensions and generators

Name localization

Generation behavior in built-ins

One last example

Summary

OOP, Decorators, and Iterators

Decorators

A decorator factory

Object-oriented programming (OOP)

The simplest Python class

Class and object namespaces

Attribute shadowing

Me, myself, and I – using the self variable

Initializing an instance

OOP is about code reuse

Inheritance and composition

Accessing a base class

Multiple inheritance

Method resolution order

Class and static methods

Static methods

Class methods

Private methods and name mangling

The property decorator

Operator overloading

Polymorphism – a brief overview

Data classes

Writing a custom iterator

Summary

Files and Data Persistence

Working with files and directories

Opening files

Using a context manager to open a file

Reading and writing to a file

Reading and writing in binary mode

Protecting against overriding an existing file

Checking for file and directory existence

Manipulating files and directories

Manipulating pathnames

Temporary files and directories

Directory content

File and directory compression

Data interchange formats

Working with JSON

Custom encoding/decoding with JSON

IO, streams, and requests

Using an in-memory stream

Making HTTP requests

Persisting data on disk

Serializing data with pickle

Saving data with shelve

Saving data to a database

Summary

Testing, Profiling, and Dealing with Exceptions

Testing your application

The anatomy of a test

Testing guidelines

Unit testing 

Writing a unit test

Mock objects and patching

Assertions

Testing a CSV generator

Boundaries and granularity

Testing the export function

Final considerations

Test-driven development

Exceptions

Profiling Python

When to profile?

Summary

Concurrent Execution

Concurrency versus parallelism

Threads and processes – an overview

Quick anatomy of a thread

Killing threads

Context-switching

The Global Interpreter Lock

Race conditions and deadlocks

Race conditions

Scenario A – race condition not happening

Scenario B – race condition happening

Locks to the rescue

Scenario C – using a lock

Deadlocks

Quick anatomy of a process

Properties of a process

Multithreading or multiprocessing?

Concurrent execution in Python

Starting a thread

Starting a process

Stopping threads and processes

Stopping a process

Spawning multiple threads

Dealing with race conditions

A thread's local data

Thread and process communication

Thread communication

Sending events

Inter-process communication with queues

Thread and process pools

Using a process to add a timeout to a function

Case examples

Example one – concurrent mergesort

Single-thread mergesort

Single-thread multipart mergesort

Multithreaded mergesort

Multiprocess mergesort

Example two – batch sudoku-solver

What is Sudoku?

Implementing a sudoku-solver in Python

Solving sudoku with multiprocessing

Example three – downloading random pictures

Downloading random pictures with asyncio

Summary

Debugging and Troubleshooting

Debugging techniques

Debugging with print

Debugging with a custom function

Inspecting the traceback

Using the Python debugger

Inspecting log files

Other techniques

Profiling

Assertions

Where to find information

Troubleshooting guidelines

Using console editors

Where to inspect

Using tests to debug

Monitoring

Summary

Installing the Required Software and Tools

Creating a virtual environment with Python 3.x and PEP 405

Understanding the directory structure for a virtual environment

Activating the virtual environment

Deactivating the virtual environment

Installing Django and Django REST frameworks in an isolated environment

Creating an app with Django

Understanding Django folders, files, and configurations

Installing tools

Installing Curl

Installing HTTPie

Installing the Postman REST client

Installing Stoplight

Installing iCurlHTTP

Test your knowledge

Summary

Working with Models, Migrations, Serialization, and Deserialization

Defining the requirements for our first RESTful Web Service

Creating our first model

Running our initial migration

Understanding migrations

Analyzing the database

Understanding the table generated by Django

Controlling, serialization, and deserialization

Working with the Django shell and diving deeply into serialization and deserialization

Test your knowledge

Summary

Creating API Views

Creating Django views combined with serializer classes

Understanding CRUD operations with Django views and the request methods

Routing URLs to Django views and functions

Launching Django's development server

Making HTTP GET requests that target a collection of instances

Making HTTP GET requests that target a single instance

Making HTTP POST requests

Making HTTP PUT requests

Making HTTP DELETE requests

Making HTTP GET requests with Postman

Making HTTP POST requests with Postman

Test your knowledge

Summary

Using Generalized Behavior from the APIView Class

Taking advantage of model serializers

Understanding accepted and returned content types

Making unsupported HTTP OPTIONS requests with command-line tools

Understanding decorators that work as wrappers

Using decorators to enable different parsers and renderers

Taking advantage of content negotiation classes

Making supported HTTP OPTIONS requests with command-line tools

Working with different content types

Sending HTTP requests with unsupported HTTP verbs

Test your knowledge

Summary

Understanding and Customizing the Browsable API Feature

Understanding the possibility of rendering text/HTML content

Using a web browser to work with our web service

Making HTTP GET requests with the browsable API

Making HTTP POST requests with the browsable API

Making HTTP PUT requests with the browsable API

Making HTTP OPTIONS requests with the browsable API

Making HTTP DELETE requests with the browsable API

Test your knowledge

Summary

Using Constraints, Filtering, Searching, Ordering, and Pagination

Browsing the API with resources and relationships

Defining unique constraints

Working with unique constraints

Understanding pagination

Configuring pagination classes

Making requests that paginate results

Working with customized pagination classes

Making requests that use customized paginated results

Configuring filter backend classes

Adding filtering, searching, and ordering

Working with different types of Django filters

Making requests that filter results

Composing requests that filter and order results

Making requests that perform starts with searches

Using the browsable API to test pagination, filtering, searching, and ordering

Test your knowledge

Summary

Securing the API with Authentication and Permissions

Understanding authentication and permissions in Django, the Django REST framework, and RESTful Web Services

Learning about the authentication classes

Including security and permissions-related data to models

Working with object-level permissions via customized permission classes

Saving information about users that make requests

Setting permission policies

Creating the superuser for Django

Creating a user for Django

Making authenticated requests

Making authenticated HTTP PATCH requests with Postman

Browsing the secured API with the required authentication

Working with token-based authentication

Generating and using tokens

Test your knowledge

Summary

Applying Throttling Rules and Versioning Management

Understanding the importance of throttling rules

Learning the purpose of the different throttling classes in the Django REST framework

Configuring throttling policies in the Django REST framework

Running tests to check that throttling policies work as expected

Understanding versioning classes

Configuring a versioning scheme

Running tests to check that versioning works as expected

Test your knowledge

Summary

Automating Tests

Getting ready for unit testing with pytest

Writing unit tests for a RESTful Web Service

Discovering and running unit tests with pytest

Writing new unit tests to improve the tests' code coverage

Running unit tests again with pytest

Test your knowledge

Summary

Solutions

Chapter 11: Installing the Required Software and Tools

Chapter 12: Working with Models, Migrations, Serialization, and Deserialization

Chapter 13: Creating API Views

Chapter 14: Using Generalized Behavior from the APIView Class

Chapter 15: Understanding and Customizing the Browsable API Feature

Chapter 16: Using Constraints, Filtering, Searching, Ordering, and Pagination

Chapter 17: Securing the API with Authentication and Permissions

Chapter 18: Applying Throttling Rules and Versioning Management

Chapter 19: Automating Tests

Templates

Understanding Django's template language features

Variables

Attributes

Filters

Tags

Philosophy – don't invent a programming language

Jinja2

Organizing templates

How templates work

Using Bootstrap

But they all look the same!

Lightweight alternatives

Template patterns

Pattern — template inheritance tree

Problem details

Solution details

Pattern — the active link

Problem details

Solution details

A template-only solution

Custom tags

Summary

Admin Interface

Using the admin interface

Enhancing models for the admin

Not everyone should be an admin

Admin interface customizations

Changing the heading

Changing the base and stylesheets

Adding a rich-text editor for WYSIWYG editing

Bootstrap-themed admin

Complete overhauls

Protecting the admin

Pattern – feature flags

Problem details

Solution details

Summary

Forms

How forms work

Forms in Django

Why does data need cleaning?

Displaying forms

Time to be crisp

Understanding CSRF

Form processing with class-based views

Form patterns

Pattern – dynamic form generation

Problem details

Solution details

Pattern – user-based forms

Problem details

Solution details

Pattern – multiple form actions per view

Problem details

Solution details

Separate views for separate actions

Same view for separate actions

Pattern – CRUD views

Problem details

Solution details

Summary

Security

Cross-site scripting

Why are your cookies valuable?

How Django helps

Where Django might not help

Cross-site request forgery

How Django helps

Where Django might not help

SQL injection

How Django helps

Where Django might not help

Clickjacking

How Django helps

Shell injection

How Django helps

And the web attacks are unending

A handy security checklist

Summary

Working Asynchronously

Why asynchronous?

Pitfalls of asynchronous code

Asynchronous patterns

Endpoint callback pattern

Publish-subscribe pattern

Polling pattern

Asynchronous solutions for Django

Working with Celery

How Celery works

Celery best practices

Handling failure

Idempotent tasks

Avoid writing to shared or global state

Database updates without race conditions

Avoid passing complex objects to tasks

Understanding asyncio

asyncio versus threads

The classic web-scraper example

Synchronous web-scraping

Asynchronous web-scraping

Concurrency is not parallelism

Entering Channels

Listening to notifications with WebSockets

Differences from Celery

Summary

Creating APIs

RESTful API

API design

Versioning

Django Rest framework

Improving the Public Posts API

Hiding the IDs

API patterns

Pattern – human browsable interface

Problem details

Solution details

Pattern – Infinite Scrolling

Problem details

Solution details

Summary

Production-Ready

The production environment

Choosing a web stack

Components of a stack

Virtual machines or Docker

Microservices

Hosting

Platform as a service

Virtual private servers

Serverless

Other hosting approaches

Deployment tools

Fabric

Typical deployment steps

Configuration management

Monitoring

Improving Performance

Frontend performance

Backend performance

Templates

Database

Caching

Cached session backend

Caching frameworks

Caching patterns

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

If you want to develop complete Python web apps with Django, this Learning Path is for you. It will walk you through Python programming techniques and guide you in implementing them when creating 4 professional Django projects, teaching you how to solve common problems and develop RESTful web services with Django and Python. You will learn how to build a blog application, a social image bookmarking website, an online shop, and an e-learning platform.

Learn Web Development with Python will get you started with Python programming techniques, show you how to enhance your applications with AJAX, create RESTful APIs, and set up a production environment for your Django projects. Last but not least, you’ll learn the best practices for creating of real-world applications.

By the end of this Learning Path, you will have a full understanding of how Django works and how use it to build web applications from scratch.

This Learning Path includes content from the following Packt products:

Learn Python Programming by Fabrizio Romano

Django RESTful Web Services by Gastón C. Hillar

Django Design Patterns and Best Practices by Arun Ravindran

Who this book is for

If you have little experience in coding or Python and want to learn how to build full-fledged web apps, this Learning Path is for you. No prior experience with RESTful web services, Python, or Django is required, but basic Python programming experience is needed to understand the concepts covered.

What this book covers

Chapter 1, A Gentle Introduction to Python, introduces you to fundamental programming concepts. It guides you through getting Python up and running on your computer and introduces you to some of its constructs.

Chapter 2, Built-in Data Types, introduces you to Python built-in data types. Python has a very rich set of native data types, and this chapter will give you a description and a short example for each of them.

Chapter 3, Iterating and Making Decisions, teaches you how to control the flow of your code by inspecting conditions, applying logic, and performing loops.

Chapter 4, Functions, the Building Blocks of Code, teaches you how to write functions. Functions are the keys to reusing code, to reducing debugging time, and, in general, to writing better code.

Chapter 5, Saving Time and Memory, introduces you to the functional aspects of Python programming. This chapter teaches you how to write comprehensions and generators, which are powerful tools that you can use to speed up your code and save memory.

Chapter 6, OOP, Decorators, and Iterators, teaches you the basics of object-oriented programming with Python. It shows you the key concepts and all the potentials of this paradigm. It also shows you one of the most beloved characteristics of Python: decorators. Finally, it also covers the concept of iterators.

Chapter 7, Files and Data Persistence, teaches you how to deal with files, streams, data interchange formats, and databases, among other things.

Chapter 8, Testing, Profiling, and Dealing with Exceptions, teaches you how to make your code more robust, fast, and stable using techniques such as testing and profiling. It also formally defines the concept of exceptions.

Chapter 9, Concurrent Execution, is a challenging chapter that describes how to do many things at the same time. It provides an introduction to the theoretical aspects of this subject and then presents three nice exercises that are developed with different techniques, thereby enabling the reader to understand the differences between the paradigms presented.

Chapter 10, Debugging and Troubleshooting, shows you the main methods for debugging your code and some examples on how to apply them.

Chapter 11, Installing the Required Software and Tools, shows how to get started in our journey toward creating RESTful Web Services with Python and its most popular web framework—Django. We will install and configure the environments, the software, and the tools required to create RESTful Web Services with Django and Django REST framework. We will learn the necessary steps in Linux, macOS, and Windows. We will create our first app with Django, we will take a first look at the Django folders, files, and configurations, and we will make the necessary changes to activate Django REST framework. In addition, we will introduce and install command-line and GUI tools that we will use to interact with the RESTful Web Services that we will design, code, and test in the forthcoming chapters.

Chapter 12, Working with Models, Migrations, Serialization, and Deserialization, describes how to design a RESTful Web Service to interact with a simple SQLite database and perform CRUD operations with toys. We will define the requirements for our web service, and we will understand the tasks performed by each HTTP method and the different scopes. We will create a model to represent and persist toys and execute migrations in Django to create the required tables in the database. We will analyze the tables and learn how to manage the serialization of toy instances into JSON representations with Django REST framework and the reverse process.

Chapter 13, Creating API Views, is about executing the first version of a simple Django RESTful Web Service that interacts with a SQLite database. We will write API views to process diverse HTTP requests on a collection of toys and on a specific toy. We will work with the following HTTP verbs: GET, POST, and PUT. We will configure the URL patterns list to route URLs to views. We will start the Django development server and use command-line tools (curl and HTTPie) to compose and send diverse HTTP requests to our RESTful Web Service. We will learn how HTTP requests are processed in Django and our code. In addition, we will work with Postman, a GUI tool, to compose and send other HTTP requests to our RESTful Web Service.

Chapter 14, Using Generalized Behavior from the APIView Class, presents different ways to improve our simple Django RESTful Web Service. We will take advantage of many features included in the Django REST framework to remove duplicate code and add many features for the web service. We will use model serializers, understand the different accepted and returned content types, and the importance of providing accurate responses to the HTTP OPTIONS requests. We will make the necessary changes to the existing code to enable diverse parsers and renderers. We will learn how things work under the hoods in Django REST framework. We will work with different content types and note how the RESTful Web Service improves compared to its previous versions.

Chapter 15, Understanding and Customizing the Browsable API Feature, explains how to use one of the additional features that Django REST framework adds to our RESTful Web Service—the browsable API. We will use a web browser to work with our first web service built with Django. We will learn to make HTTP GET, POST, PUT, OPTIONS, and DELETE requests with the browsable API. We will be able to easily test CRUD operations with a web browser. The browsable API will allow us to easily interact with our RESTful Web Service.

Chapter 16, Using Constraints, Filtering, Searching, Ordering, and Pagination, describes the usage of the browsable API feature to navigate through the API with resources and relationships. We will add unique constraints to improve the consistency of the models in our RESTful Web Service. We will understand the importance of paginating results and configure and test a global limit/offset pagination scheme with Django REST framework. Then, we will create our own customized pagination class to ensure that requests won't be able to require a huge number of elements on a single page. We will configure filter backend classes and incorporate code into the models to add filtering, searching, and ordering capabilities to the class-based views. We will create a customized filter and make requests to filter, search, and order results. Finally, we will use the browsable API to test pagination, filtering, and ordering.

Chapter 17, Securing the API with Authentication and Permissions, presents the differences between authentication and permissions in Django, Django REST framework, and RESTful Web Services. We will analyze the authentication classes included in Django REST framework out of the box. We will follow the steps needed to provide security- and permissions-related data to models.

We will work with object-level permissions via customized permission classes and save information about users who make requests. We will configure permission policies and compose and send authenticated requests to understand how the permission policies work. We will use command-line tools and GUI tools to compose and send authenticated requests. We will browse the secure RESTful Web Service with the browsable API feature and work with a simple token-based authentication provided by Django REST framework to understand another way of authenticating requests.

Chapter 18, Applying Throttling Rules and Versioning Management, focuses on the importance of throttling rules and how we can combine them with authentication and permissions in Django, Django REST framework, and RESTful Web Services. We will analyze the throttling classes included in Django REST framework out of the box. We will follow the necessary steps to configure many throttling policies in Django REST framework. We will work with global and scope-related settings. Then, we will use command-line tools to compose and send many requests to test how the throttling rules work. We will understand versioning classes and we will configure a URL path versioning scheme to allow us to work with two versions of our RESTful Web Service. We will use command-line tools and the Browsable API to understand the differences between the two versions.

Chapter 19, Automating Tests, shows how to automate tests for our RESTful Web Services developed with Django and Django REST framework. We will use different packages, tools, and configurations to perform tests. We will write the first round of unit tests for our RESTful Web Service, run them, and measure tests code coverage. Then, we will analyze tests code coverage reports and write new unit tests to improve the test code coverage. We will understand the new tests code coverage reports and learn the benefits of a good test code coverage.

Chapter 20, Solutions, the right answers for the Test Your Knowledge sections of each chapter are included in the appendix.

Chapter 21, Templates, walks us through Django template language constructs, explaining its design choices, suggests how to organize template files, introduces handy template patterns, and points to several ways Bootstrap can be integrated and customized.

Chapter 22, Admin Interface, focuses on how to use Django's brilliant out-of-the box admin interface more effectively and several ways to customize it, from enhancing the models to toggling feature flags.

Chapter 23, Forms, illustrates the often confusing form workflow, different ways of rendering forms, improving a form's appearance using crispy forms, and various applied form patterns.

Chapter 24, Working Asynchronously, tours various asynchronous solutions for the Django developer, from the feature-rich Celery task queues, Python 3's asyncio, to the brand new Channels, and compares them for you.

Chapter 25, Creating APIs, explains RESTful API design concepts with practical advice on topics such as versioning, error handling, and design patterns using the Django REST framework.

Chapter 26, Security, familiarizes you with various web security threats and their counter measures, specifically looking at how Django can protect you. Finally, a handy security checklist reminds you of the commonly overlooked areas.

Chapter 27, Production-Ready, is a crash course in deploying a public-facing application beginning with choosing your webstack, understanding hosting options, and walking through a typical deployment process. We go into the details of monitoring and performance at this stage.

To get the most out of this book

You will just need a computer (PC or Mac) and internet connectivity to start with. Then, ensure that the following are installed:

Python 3.4 or later

Django 2 or later (will be covered in installation instructions)

Text Editor (or a Python IDE)

Web browser (the latest version, please)

Download the example code files

You can download the example code files for this book from your account at www.packt.com. If you purchased this book elsewhere, you can visit www.packt.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packt.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Learning-Path-Learn-Web-Development-with-Python. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Some common annotations are @Service, @Component, @Bean, and @Configuration."

A block of code is set as follows:

http .formLogin() .loginPage("/login") .failureUrl("/login?error") .and() .authorizeRequests() .antMatchers("/signup","/about").permitAll() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated();

Any command-line input or output is written as follows:

sudo apt-get install openjdk-8-jdk -y

java -version

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "In the Project Metadata section, we can put the coordinates for Maven projects."

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

A Gentle Introduction to Python

According to Wikipedia, computer programming is:

In a nutshell, coding is telling a computer to do something using a language it understands.

Computers are very powerful tools, but unfortunately, they can't think for themselves. They need to be told everything: how to perform a task, how to evaluate a condition to decide which path to follow, how to handle data that comes from a device, such as the network or a disk, and how to react when something unforeseen happens, say, something is broken or missing.

You can code in many different styles and languages. Is it hard? I would say yes and no. It's a bit like writing. Everybody can learn how to write, and you can too. But, what if you wanted to become a poet? Then writing alone is not enough. You have to acquire a whole other set of skills and this will take a longer and greater effort.

In the end, it all comes down to how far you want to go down the road. Coding is not just putting together some instructions that work. It is so much more!

Good code is short, fast, elegant, easy to read and understand, simple, easy to modify and extend, easy to scale and refactor, and easy to test. It takes time to be able to write code that has all these qualities at the same time, but the good news is that you're taking the first step towards it at this very moment by reading this book. And I have no doubt you can do it. Anyone can; in fact, we all program all the time, only we aren't aware of it.

Would you like an example?

Say you want to make instant coffee. You have to get a mug, the instant coffee jar, a teaspoon, water, and the kettle. Even if you're not aware of it, you're evaluating a lot of data. You're making sure that there is water in the kettle and that the kettle is plugged in, that the mug is clean, and that there is enough coffee in the jar. Then, you boil the water and maybe, in the meantime, you put some coffee in the mug. When the water is ready, you pour it into the cup, and stir.

So, how is this programming?

Well, we gathered resources (the kettle, coffee, water, teaspoon, and mug) and we verified some conditions concerning them (the kettle is plugged in, the mug is clean, and there is enough coffee). Then we started two actions (boiling the water and putting coffee in the mug), and when both of them were completed, we finally ended the procedure by pouring water in to the mug and stirring.

Can you see it? I have just described the high-level functionality of a coffee program. It wasn't that hard because this is what the brain does all day long: evaluate conditions, decide to take actions, carry out tasks, repeat some of them, and stop at some point. Clean objects, put them back, and so on.

All you need now is to learn how to deconstruct all those actions you do automatically in real life so that a computer can actually make some sense of them. And you need to learn a language as well, to instruct it.

So this is what this book is for. I'll tell you how to do it and I'll try to do that by means of many simple but focused examples (my favorite kind).

In this chapter, we are going to cover the following:

Python's characteristics and ecosystem

Guidelines on how to get up and running with Python and virtual environments

How to run Python programs

How to organize Python code and Python's execution model

A proper introduction

I love to make references to the real world when I teach coding; I believe they help people retain the concepts better. However, now is the time to be a bit more rigorous and see what coding is from a more technical perspective.

When we write code, we're instructing a computer about the things it has to do. Where does the action happen? In many places: the computer memory, hard drives, network cables, the CPU, and so on. It's a whole world, which most of the time is the representation of a subset of the real world.

If you write a piece of software that allows people to buy clothes online, you will have to represent real people, real clothes, real brands, sizes, and so on and so forth, within the boundaries of a program.

In order to do so, you will need to create and handle objects in the program you're writing. A person can be an object. A car is an object. A pair of socks is an object. Luckily, Python understands objects very well.

The two main features any object has are properties and methods. Let's take a person object as an example. Typically in a computer program, you'll represent people as customers or employees. The properties that you store against them are things like the name, the SSN, the age, if they have a driving license, their email, gender, and so on. In a computer program, you store all the data you need in order to use an object for the purpose you're serving. If you are coding a website to sell clothes, you probably want to store the heights and weights as well as other measures of your customers so that you can suggest the appropriate clothes for them. So, properties are characteristics of an object. We use them all the time: Could you pass me that pen?—Which one?—The black one. Here, we used the black property of a pen to identify it (most likely among a blue and a red one).

Methods are things that an object can do. As a person, I have methods such as speak, walk, sleep, wake up, eat, dream, write, read, and so on. All the things that I can do could be seen as methods of the objects that represent me.

So, now that you know what objects are and that they expose methods that you can run and properties that you can inspect, you're ready to start coding. Coding in fact is simply about managing those objects that live in the subset of the world that we're reproducing in our software. You can create, use, reuse, and delete objects as you please.

According to the Data Model chapter on the official Python documentation (https://docs.python.org/3/reference/datamodel.html):

We'll take a closer look at Python objects in Chapter6, OOP, Decorators, and Iterators. For now, all we need to know is that every object in Python has an ID (or identity), a type, and a value.

Once created, the ID of an object is never changed. It's a unique identifier for it, and it's used behind the scenes by Python to retrieve the object when we want to use it.

The type, as well, never changes. The type tells what operations are supported by the object and the possible values that can be assigned to it.

We'll see Python's most important data types in Chapter 2, Built-in Data Types.

The value can either change or not. If it can, the object is said to be mutable, while when it cannot, the object is said to be immutable.

How do we use an object? We give it a name, of course! When you give an object a name, then you can use the name to retrieve the object and use it.

In a more generic sense, objects such as numbers, strings (text), collections, and so on are associated with a name. Usually, we say that this name is the name of a variable. You can see the variable as being like a box, which you can use to hold data.

So, you have all the objects you need; what now? Well, we need to use them, right? We may want to send them over a network connection or store them in a database. Maybe display them on a web page or write them into a file. In order to do so, we need to react to a user filling in a form, or pressing a button, or opening a web page and performing a search. We react by running our code, evaluating conditions to choose which parts to execute, how many times, and under which circumstances.

And to do all this, basically we need a language. That's what Python is for. Python is the language we'll use together throughout this book to instruct the computer to do something for us.

Now, enough of this theoretical stuff; let's get started.

Enter the Python

Python is the marvelous creation of Guido Van Rossum, a Dutch computer scientist and mathematician who decided to gift the world with a project he was playing around with over Christmas 1989. The language appeared to the public somewhere around 1991, and since then has evolved to be one of the leading programming languages used worldwide today.

I started programming when I was 7 years old, on a Commodore VIC-20, which was later replaced by its bigger brother, the Commodore 64. Its language was BASIC. Later on, I landed on Pascal, Assembly, C, C++, Java, JavaScript, Visual Basic, PHP, ASP, ASP .NET, C#, and other minor languages I cannot even remember, but only when I landed on Python did I finally have that feeling that you have when you find the right couch in the shop. When all of your body parts are yelling, Buy this one! This one is perfect for us!

It took me about a day to get used to it. Its syntax is a bit different from what I was used to, but after getting past that initial feeling of discomfort (like having new shoes), I just fell in love with it. Deeply. Let's see why.

About Python

Before we get into the gory details, let's get a sense of why someone would want to use Python (I would recommend you to read the Python page on Wikipedia to get a more detailed introduction).

To my mind, Python epitomizes the following qualities.

Portability

Python runs everywhere, and porting a program from Linux to Windows or Mac is usually just a matter of fixing paths and settings. Python is designed for portability and it takes care of specific operating system (OS) quirks behind interfaces that shield you from the pain of having to write code tailored to a specific platform.

Coherence

Python is extremely logical and coherent. You can see it was designed by a brilliant computer scientist. Most of the time, you can just guess how a method is called, if you don't know it.

You may not realize how important this is right now, especially if you are at the beginning, but this is a major feature. It means less cluttering in your head, as well as less skimming through the documentation, and less need for mappings in your brain when you code.

Developer productivity

According to Mark Lutz (Learning Python, 5th Edition, O'Reilly Media), a Python program is typically one-fifth to one-third the size of equivalent Java or C++ code. This means the job gets done faster. And faster is good. Faster means a faster response on the market. Less code not only means less code to write, but also less code to read (and professional coders read much more than they write), less code to maintain, to debug, and to refactor.

Another important aspect is that Python runs without the need for lengthy and time-consuming compilation and linkage steps, so you don't have to wait to see the results of your work.

An extensive library

Python has an incredibly wide standard library (it's said to come with batteries included). If that wasn't enough, the Python community all over the world maintains a body of third-party libraries, tailored to specific needs, which you can access freely at the Python Package Index (PyPI). When you code Python and you realize that you need a certain feature, in most cases, there is at least one library where that feature has already been implemented for you.

Software quality

Python is heavily focused on readability, coherence, and quality. The language uniformity allows for high readability and this is crucial nowadays where coding is more of a collective effort than a solo endeavor. Another important aspect of Python is its intrinsic multiparadigm nature. You can use it as a scripting language, but you also can exploit object-oriented, imperative, and functional programming styles. It is versatile.

Software integration

Another important aspect is that Python can be extended and integrated with many other languages, which means that even when a company is using a different language as their mainstream tool, Python can come in and act as a glue agent between complex applications that need to talk to each other in some way. This is kind of an advanced topic, but in the real world, this feature is very important.

Satisfaction and enjoyment

Last, but not least, there is the fun of it! Working with Python is fun. I can code for 8 hours and leave the office happy and satisfied, alien to the struggle other coders have to endure because they use languages that don't provide them with the same amount of well-designed data structures and constructs. Python makes coding fun, no doubt about it. And fun promotes motivation and productivity.

These are the major aspects of why I would recommend Python to everyone. Of course, there are many other technical and advanced features that I could have talked about, but they don't really pertain to an introductory section like this one. They will come up naturally, chapter after chapter, in this book.

What are the drawbacks?

Probably, the only drawback that one could find in Python, which is not due to personal preferences, is its execution speed. Typically, Python is slower than its compiled brothers. The standard implementation of Python produces, when you run an application, a compiled version of the source code called byte code (with the extension .pyc), which is then run by the Python interpreter.

The advantage of this approach is portability, which we pay for with a slowdown due to the fact that Python is not compiled down to machine level as are other languages.

However, Python speed is rarely a problem today, hence its wide use regardless of this suboptimal feature. What happens is that, in real life, hardware cost is no longer a problem, and usually it's easy enough to gain speed by parallelizing tasks. Moreover, many programs spend a great proportion of the time waiting for IO operations to complete; therefore, the raw execution speed is often a secondary factor to the overall performance. When it comes to number crunching though, one can switch to faster Python implementations, such as PyPy, which provides an average five-fold speedup by implementing advanced compilation techniques (check http://pypy.org/ for reference).

When doing data science, you'll most likely find that the libraries that you use with Python, such as Pandas and NumPy, achieve native speed due to the way they are implemented.

If that wasn't a good-enough argument, you can always consider that Python has been used to drive the backend of services such as Spotify and Instagram, where performance is a concern. Nonetheless, Python has done its job perfectly adequately.

Who is using Python today?

Not yet convinced? Let's take a very brief look at the companies that are using Python today: Google, YouTube, Dropbox, Yahoo!, Zope Corporation, Industrial Light & Magic, Walt Disney Feature Animation, Blender 3D, Pixar, NASA, the NSA, Red Hat, Nokia, IBM, Netflix, Yelp, Intel, Cisco, HP, Qualcomm, and JPMorgan Chase, to name just a few.

Even games such as Battlefield 2, Civilization IV, and QuArK are implemented using Python.

Python is used in many different contexts, such as system programming, web programming, GUI applications, gaming and robotics, rapid prototyping, system integration, data science, database applications, and much more. Several prestigious universities have also adopted Python as their main language in computer science courses.

Setting up the environment

Before we talk about installing Python on your system, let me tell you about which Python version I'll be using in this book.

Python 2 versus Python 3

Python comes in two main versions: Python 2, which is the past, and Python 3, which is the present. The two versions, though very similar, are incompatible in some respects.

In the real world, Python 2 is actually quite far from being the past. In short, even though Python 3 has been out since 2008, the transition phase from Version 2 is still far from being over. This is mostly due to the fact that Python 2 is widely used in the industry, and of course, companies aren't so keen on updating their systems just for the sake of updating them, following the if it ain't broke, don't fix it philosophy. You can read all about the transition between the two versions on the web.

Another issue that has hindered the transition is the availability of third-party libraries. Usually, a Python project relies on tens of external libraries, and of course, when you start a new project, you need to be sure that there is already a Version-3-compatible library for any business requirement that may come up. If that's not the case, starting a brand-new project in Python 3 means introducing a potential risk, which many companies are not happy to take.

At the time of writing, though, the majority of the most widely used libraries have been ported to Python 3, and it's quite safe to start a project in Python 3 for most cases. Many of the libraries have been rewritten so that they are compatible with both versions, mostly harnessing the power of the six library (the name comes from the multiplication 2 x 3, due to the porting from Version 2 to 3), which helps introspecting and adapting the behavior according to the version used. According to PEP 373 (https://legacy.python.org/dev/peps/pep-0373/), the end of life (EOL) of Python 2.7 has been set to 2020, and there won't be a Python 2.8, so this is the time when companies that have projects running in Python 2 need to start devising an upgrade strategy to move to Python 3 before it's too late.

On my box (MacBook Pro), this is the latest Python version I have:

>>> import sys

>>> print(sys.version)

3.7.0a3 (default, Jan 27 2018, 00:46:45)

[Clang 9.0.0 (clang-900.0.39.2)]

So you can see that the version is an alpha release of Python 3.7, which will be released in June 2018. The preceding text is a little bit of Python code that I typed into my console. We'll talk about it in a moment.