Upgrading to Django 1.3?

Should you upgrade to Django 1.3? Upgrade any web framework in your application in general? Try this decision chart here http://www.djangopro.com/2011/03/should-i-upgrade-to-django-1-3/:

Django South Explained

Posted my tutorial on using Django south, the database migration tool, over at DjangoPro. Check it out!

Paul Bissex Presenting at the Boston Django Meetup 2010

Paul Bissex, author of “Python Web Development with Django”, described how he use Django to replace two legacy desktop applications at hallmark.edu at the Boston Django meetup this month. Because of Django’s ease of use and robustness, not only he replaced and deploy those apps easily, the apps has been running error free for a very long time!

Paul Bissex Presenting at the Boston Django Meetup 2010 from PK Shiu on Vimeo.

Jacob Kaplan-Moss on DevOps

Jacob gave a talk at the Boston Django Meetup this month on the topic of DevOps — The role of the developer and the role of sysadmin are merging, and it is a good thing. This idea certainly resonate with me. I started my career as a DevOps by necessity — I worked with a new and proprietary mini-computer, the Stratus. The OS was designed to be a developer’s OS. All the operation support tools are designed for used by developers. It was a great OS to work with. When I moved to the *nix world, I met Ben, still one of the best sysadmin I know, who actually introduced me to Python. The world has come full cycle now. With utility computing and browser based clients, small team with small budgets launch large scale, fast growing web applications, developers need to be their own sysadmin as well.

This is the video of Jacob’s talk. I was a little bit late and missed a few minutes at the beginning.

Jacob Kaplan-Moss on DevOps at Boston Django Meetup 2010 from PK Shiu on Vimeo.

Django CSRF Migration

Like many of you, I am migrating all my Django sites to Django 1.2.1. For sites that are currently in production, I am doing the slow migration route. Just trying to get the site up with 1.2 without using any of the new features yet.

One thing that I ran into is the new CSRF support. If you were not using it before, there really is no change with one exception — all the generic views and admin views requires CSRF protection. This means that if you are using django login view django.contrib.auth.views.login , you have to make sure that any wrapper or custom templates support CSRF.

Specifically:

1. If you use your own login template, you must add {% csrf_token %} to the end of the openning form tag.
2. If you wrap the call to login with your own view, you must add the csrf decorator @csrf_protect to your view, after importing django.views.decorators.csrf.csrf_protect
3. If you use the django.contrib.auth.logout view to redisplay a login form, you have to replace that with a wrapper because the auth.logout view does NOT add the csrf token. (Updated)

Otherwise django will send you a 403 error when you try to login.

My Accidental Connection with Senator Ted Kennedy

Being Chinese in Boston, I always hear positive stories about the late Senator Ted Kennedy helping immigrants. In addition, I agree with most of his political views, he seemed like a good Senator. After learning of his death, I felt we had lost a great man. I added one of his biographies to my Amazon wish list, to learn even more. Other than media, that is the only connection I have had to Ted Kennedy.

Until Thursday.

I was instant messaging with my designer on a project, NPR news streaming in the background when a bit of white noise filtered in. “Did I just heard that the Kennedy Funeral is going to be held at the Basilica of Our Lady of Perpetual Help?” I am familiar with this church, often called the Mission Church, as it is located on Tremont Street, Mission Hill.

About a year ago, my friend, a supporter of the church, asked us to revamp their website. The previous site was, let’s say, a pre FrontPage era website. Donating our services, we redesigned the site. With the limited budget, I photographed the site images myself. Corrie, our designer, touched them up digitally. You can read about the design process on her blog.

After hearing the Funeral location on NPR, I immediately checked the Google analytics for the website we had worked on. It went up over one thousand percent just yesterday, upping a few hits a day to 6,000. But that was before the radio announcements.

[*Update*] The site traffic spiked to a 14000 visits (about 30,000 hits) on Saturday. During the funeral I did embed a live stream from ustream.tv onto the news section, since I assume most visitor at that time wanted to watch it.

I quickly made changes to the site to ensure it could handle the spike in traffic. I notified our hosting company, Web Faction and they agreed to keep an eye out for us on the status of the church site. So far, we have received about 20,000 hits in the last eight hours, averaging one hit every 1.5 seconds. People are hitting the visit us page, and the news page looking for details on the funeral.

I am glad the site has stayed up, and that I caught the news about the Funeral location. We really cannot fault the Church for neglecting to notify us of the pending event so that we could better prepare the website. The church has their hands more than full and I am sure the web site is not top priority.

I am glad we were able to make a very, very small contribution to the Senator’s legacy.

For the techies, the site is done in Django, our web application framework of choice. It uses a custom content management system from my company, Imperial Consulting. The dynamic content is pulled from a Postgresql database. While we provided the Church with bi-lingual capabilities, they have yet to create all the Spanish content. It is supported by some busy and dedicated church volunteers, after all. The pages are cached by memcached at the URL level by the Django cache framework. So far, it is handling the traffic with ease. Keeping our fingers crossed.

Some books on Ted Kennedy

• Last Lion: The Fall and Rise of Ted Kennedy – This one shot up to Amazon’s best seller list, but below Julia Child — it’s a preorder (avail Sept 4th)
• Last Lion: The Fall and Rise of Ted Kennedy

If you can recommend a good biography let me know!

Django Production Error Handler

I am working on an application that, besides providing a dynamic website, also talks to an iPhone application. What happens when the iPhone, or a web visitor, triggered a bug in the application?

Django actually provide a nice mechanism to report error in its “batteries included” goodness. You can easily setup the Django environment so that it will send you an email when a “server error” occurs. You just need to make sure the following is setup:

Outbound email working

The django environment must be able to send outbound emails. The actual requirement depends on your server environment, but you definitely need to have correct values setup for:

settings.EMAIL_HOST
settings.EMAIL_PORT
settings.EMAIL_HOST_USER
settings.EMAIL_HOST_PASSWORD

Admin users

settings.ADMINS — this is a list of lists (or more accurately tuple of tuples)
settings.SERVER_EMAIL — email address of the error reporting from address
Debug Setup

settings.DEBUG=False

500.html and 404.html

Once DEBUG is off, Django will want to display your 500 or 404 page. Create these pages and make them available on one of our template directories.

Example

Here are some sample entries from my settings file:

EMAIL_HOST=’smtp.webfaction.com’
EMAIL_PORT=25
EMAIL_HOST_USER=’my_mailbox_name’
EMAIL_HOST_PASSWORD=’my_mailbox_password’
SERVER_EMAIL=’webmaster@imperial-consulting.com’
ADMINS=( (‘PK Shiu’, ‘support@imperial-consulting.com’),)
DEBUG=False

Reference

• Django settings file settings
• Django e-mail configuration
• Django Error Reporting via Email

Serving favicon in an Django App using Apache

I got a free few minutes to work on my own site here. Since I migrated the site from all static pages to Django served, I still haven’t put back the favicon icon back onto the site. The sites runs under a virtual host in apache2 at WebFaction. This is what you need to put in your httpd.conf file:

alias /favicon.ico /home/your-home/your-app-etc/static/image/favicon.ico

<LocationMatch "\.(jpg|css|gif|pdf|ico)$">
SetHandler None
</LocationMatch>

The alias line tells apache to go look for the favicon.ico file at a static location of your choice.

The LocationMatch directives tell apache to not run those files thru the Django engine.

Resetting Django Admin Password

This barely qualifies for a blog post, but what to do if you loaded, via django-admin.py loaddata
a full json file from someone during testing, and don’t have their user’s password?

Just run the django-admin.py shell, and by hand reset all the passwords:

from django.contrib.auth.models import User
for u in Users:
u.set_password(‘secret’)
u.save()

That’s why you have to keep your shell login and settings files safe !!

J2EE to Django, slides for the Presentation at Cambridge Python Meetup

I gave a short presentation on Django to the Cambridge Python Users group earlier. Nate has a great writeup of the event and the other presentations that evening. I just want to share the slides here. The slides are just visual reminders and do not stand on their own. If you want more info free feel to shoot me an email.

I switched from J2EE to Django as my sole web application platform two years ago and has not looked back since. It allows me to develop, and more importantly maintain, web apps faster and better. It is more time and cost effective for my customers and I.

Slides from J2EE to Django Presentations at Cambrdge Python Group from PK Shiu on Vimeo.