Building a backend for a web application is tricky. It involves selecting a language that you are comfortable with and then picking a web framework built on top of that language to avoid writing things from scratch.
There are a ton of web frameworks out there, each designed to address specific needs. The Django web framework addresses all of those needs to a reasonable extent and hence it is preferred by companies like Spotify and Instagram.
## What is Django?
*Fun fact: Django was named after the jazz guitarist* [*Django Reinhardt*](https://en.wikipedia.org/wiki/Django_Reinhardt)*.*
Django is an open source web framework built on top of python. The primary purpose of Django is to enable super fast development of backend applications.
A backend application is nothing but an interface to a database meant for reading the data models and presenting it to a user in a form that they understand. It is also responsible for creation of new entries in the database and updating existing data.
**Why use a web framework?**
If one has to do this from scratch here is what will happen. First you will realise that raw SQL queries would have to be written to manipulate the database and this stops scaling pretty quickly.
You might then resort to writing your own wrapper on top of the raw SQL queries so that you don’t end up repeating a lot of code. Great, but what about security? Anybody could easily run an SQL injection if you let users interface with raw queries.
So now you spend some more developer resources to take care of this problem, but before you can sit back and relax you will realise that you still haven't handled security vulnerabilities like cross site scripting and clickjacking.
Let us assume that you have a very high will power and managed to handle this problem as well. How do you plan to expose your backend to your frontend (web/mobile app)?
You will do so using the HTTP protocol right? Well have you written a library to handle all the nuances involved with accepting a HTTP request in accordance with the protocol, authenticate the origin of the request, and then generate a response after running your business logic?
Of course not! Because it is 2021 and there are so many libraries and frameworks that already do a perfect job of handling all of this.
**Do not reinvent the wheel**
This is where Django or any other framework for that matter comes into the picture. Django is commonly referred to as a “batteries included” solution that takes care of everything I just mentioned and it does it really well.
It’s been written and maintained by very experienced developers who are most definitely smarter than me, so it makes no sense to rewrite everything that they've written. Instead my time is better spent on building on top of Django.
## Why you should use Django
The question is no longer if a web framework should be used or not but whether or not you should choose Django over the other web frameworks.
This is a valid question because Django is not a silver bullet that solves all your problems. Here are few problems that it does solve though.
By virtue of being written in python, the syntax of Django is straightforward and easy to use. It pretty much looks like the english language. Anybody familiar with Python will not have too much trouble picking it up.
Django offers a Object Relational mapping that turns database tables into objects which anybody familiar with OOPS can easily understand.
This also helps abstracting out the database level operations which the developer need not be aware of.
**An admin interface**
Django provides a rich UI out of the box which you can use to perform CRUD operations on your data without writing a single piece of additional code.
You can also add users who will have access to the admin interface and restrict their permissions to define which database models they will have read/write access to.
**Handling security vulnerabilities**
cross site scripting, clickjacking and SQL injections are addressed out of the box.
In addition to this, Django is pretty prompt with introducing new security patches and is quick to notify the community when new vulnerabilities are found.
Writing REST APIs using Django is a breeze. They have excellent libraries to handle HTTP requests and responses.
Django uses a Model-View-Controller architecture, however it prefers to take a different approach to its implementation and is commonly referred to as a Model-Template-View or a MTV architecture.
This is because a Django view is actually a controller that decides how data is accessed and the “view” in MVC actually refers to a Django template which decides how a user sees this data. There is no difference in the “model” part of MVC
This is how MVC works in Django:
Model <--> Model
View <--> Template
Controller <--> View
**An active community**
Django is very well documented and has a huge community that contributes to it on a regular basis.
This reduces chances of getting stuck on a problem that you don't understand. A quick google search is usually enough to remove any blockers.
**Single source of truth**
If your use case demands your frontend and backend code to exist in the same place, Django is a good choice.
There is very less likelihood that further development and support for Django will stop anytime soon, because huge companies have built their products using this framework.
## When not to use Django
Like I said before, Django is not a silver bullet. Here are some reasons why you should not use Django.
**Building a simple app**
If you are building an application that does not require any complicated actions. For instance, you might be building an application that just receives data from a webhook and pushes it to a queue. In such cases I would recommend using [Flask](https://flask.palletsprojects.com/en/1.1.x/) over Django.
**High learning curve**
If your team members are not at all familiar with Python/Django, it’s best to go with a framework they are most comfortable with, otherwise it could delay development to a great extent.
**A strong reason to build everything from scratch**
Sometimes building things from scratch is a better solution than using a framework. But make sure you know what you are doing.
If you go down this path, you have my respect.
**Need for microservices**
You might have a team with a wide range of skills in terms of languages and frameworks. In this case you might have to delegate work by letting each module be built as a separate microservice that will be maintained by a specific person/team.
Django could still be used for this purpose but you wont end up using a lot of features that it offers.
## Closing notes
In my opinion, Django not only helps with rapid development, but it also serves as a great tool to teach people software development. I can say this because it is the first framework I learnt when I started coding.
Django also has a lot of street cred in that many known companies use it. Some of these include
Additionally, [here](https://djangosites.org/) is a list of websites that are powered by Django.
In conclusion, Django covers a wide range of use cases which include high volumes of content and user interactions as well as small scale applications. So no matter what your goal maybe, it is a safe choice to go with.
Originally posted in my [Wholesome Django](https://www.sankalpjonna.com/newsletter) newsletter.