Django Best Practices
So you’ve decided to learn how to build websites with Python and Django. Good choice.
This is a list of Django best practices I actively maintain. If you disagree with something, leave a comment below.
- Use Pipenv to manage virtual environments
- Always use a custom user model
- Use a generic class based view (GCBV) if possible, otherwise prefer class based views to function based views
- Use environment variables for everything “secret” like
- Use multiple settings files so
DEBUGnever runs in production
- Use Postgres locally with Docker.
- Have unit and integration tests. Everywhere. The more the better.
- Use Pony Checkup for a one-step security check of your site
- Always use the latest version of Django
- Deploy with SSL/HTTPS
- Change your admin url to anything but
3rd Party Packages
- django-debug-toolbar - invaluable source of debug messages and SQL queries on each page
- django-extensions - tons of goodies especially
- django-allauth provides social auth and user email confirmation
- Whitenoise for serving static files (can also use S3)
- Sentry for logging errors