Re: Architectural suggestions for (Django + API)

[Carl Meyer]

Hi Julio,

On 08/16/2015 04:59 PM, julio.lace...@m2agro.com.br wrote:
> I created a project using Django (let's call this Project A) and now I
> decided to start a new one but this time it is an API using Django REST.
> So, for now I have to refactor Project A to consume data from API, but
> in order to do that I need to duplicate all my models files in both
> projects. The question is how can I avoid this? Is there another way to
> do that?

I don't quite understand why the situation you describe requires
duplicating models files. Is the canonical data storage now in Project B
instead of Project A, and Project A gets the data via Project B's REST
API? In that case, why does Project A need those models anymore?

> I see that /moving models /from Project A to API as something natural
> but to have an empty models file in Project A I need to change some
> concepts, for removing ModelForms and put all validation logic using Form.

Well, yes, but it seems to me that those types of changes in the Project
A codebase will be required regardless, since it now wants to save the
data via a REST API, not to its own database. How does a ModelForm help
with that?

> How do you guys see this? Would you recommend something different? Is
> that a good idea?
> 
>  1. Project A (Models) <---> API (same models??? How can I handle that?)
>  2. Project A (No models) <---> API (Models)

The latter. I don't understand how the first option would even work.

But if you _do_ want to share some models between two projects, for
whatever reason, you can do it the same way you'd share any other code:
put the models in a reusable app and install it in both projects.

Carl

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/55D16270.8010506%40oddbird.net.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

Re: Not able to retain data in session after login

[Dheerendra Rathor]

Make sure you're not using 'dummyCache' in CACHE setting. And also check if 
you're not accidentally destroying the session. 

On Monday, 17 August 2015 00:25:14 UTC+5:30, Anil Kumar wrote:
>
> Hello All,
>
> In my web application, I am making an ajax call to save data in session as 
> user clicks on login button.
> After saving form data in session, control passes to login and after 
> successful login, data saved in session is not there. I guess new session 
> is being created after logging in.
> How can I retain form data filled by user before logging in.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/b43197d9-2d62-4806-bc43-0fc2f021056c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Efficient Large Binary File Streaming

[kanav002]

This is my first week using Django and version 1.8 in particular. I'm 
trying to figure out the best way to stream a raw, large, continuously 
growing binary file to a plotting function that is continuously updating 
the last 600 bytes of the binary file. This is primarily a client side 
application. I have seen many streaming snippets and the 
StreamingHttpResponse module but am not sure which streaming method will be 
optimal. I'm also not sure if streaming methods are the correct approach. 
Can I just read the file with Python and plot in a browser window? Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/77018f70-2568-4a80-a6d1-c928c73617ef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

modelcluster

[William Dimas]

Hi everyone!

I'm begginer on Django.
I download tar.gz file from django modelcluster, but I have no idea how to 
install it.
Other apps I've been installed via apt-get install.

Thanks in advance.

William Dimas

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/5440c72d-27ca-4482-9e6d-8a2992997aa7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Architectural suggestions for (Django + API)

[James Schneider]

Are you adding REST functionality to an existing project? Or will you be
using a separate instance to provide only REST services and maintain two
different code bases?

I believe you can use the django-rest-framework to utilize the same views
(literally) to provide a REST interface, so you may not need to rewrite or
copy anything, just add a few bits of code to make your views aware of
incoming REST requests, some URL additions, and serializers for your
models.

http://www.django-rest-framework.org/

-James
On Aug 16, 2015 3:59 PM,  wrote:

> Hey guys,
>
> I have a question about an architectural issue and I would like to hear
> some suggestions about it.
>
> I created a project using Django (let's call this Project A) and now I
> decided to start a new one but this time it is an API using Django REST.
> So, for now I have to refactor Project A to consume data from API, but in
> order to do that I need to duplicate all my models files in both projects.
> The question is how can I avoid this? Is there another way to do that?
>
> I see that *moving models *from Project A to API as something natural but
> to have an empty models file in Project A I need to change some concepts,
> for removing ModelForms and put all validation logic using Form.
>
> How do you guys see this? Would you recommend something different? Is that
> a good idea?
>
>1. Project A (Models) <---> API (same models??? How can I handle that?)
>2. Project A (No models) <---> API (Models)
>
> Thanks in advance!
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/11d2f88e-a159-4e7b-903f-80d0f6e8e74a%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2Be%2BciUbJzBVKhM5qgQTtf_F-RnZBeXJaB%3D8yBP6vWUNqyyVGQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Architectural suggestions for (Django + API)

[julio . lacerda]

Hey guys,

I have a question about an architectural issue and I would like to hear 
some suggestions about it.

I created a project using Django (let's call this Project A) and now I 
decided to start a new one but this time it is an API using Django REST. 
So, for now I have to refactor Project A to consume data from API, but in 
order to do that I need to duplicate all my models files in both projects. 
The question is how can I avoid this? Is there another way to do that?

I see that *moving models *from Project A to API as something natural but 
to have an empty models file in Project A I need to change some concepts, 
for removing ModelForms and put all validation logic using Form.

How do you guys see this? Would you recommend something different? Is that 
a good idea?

   1. Project A (Models) <---> API (same models??? How can I handle that?)
   2. Project A (No models) <---> API (Models)
   
Thanks in advance!

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/11d2f88e-a159-4e7b-903f-80d0f6e8e74a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Not able to retain data in session after login

[Anil Kumar]

Hello All,

In my web application, I am making an ajax call to save data in session as 
user clicks on login button.
After saving form data in session, control passes to login and after 
successful login, data saved in session is not there. I guess new session 
is being created after logging in.
How can I retain form data filled by user before logging in.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/67fdc53d-e065-4ec9-958c-14cd1ff343cd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django: "Fake" multiple inheritance

[gst]

Will you care share it? 
I found the question interresting..
Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/dd4e0868-7a69-4d46-87b3-a9b3e153f21d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Encrypted web mail

[Sergiy Khohlov]

Anyway this not solve Uri problem. Man in black ask about access to the
user private data. Problem with auth by hash? It is not a problem. Reset
password generates new hash.
Let's imagine:
Bad guy hack into system and has all data. passwords hash other tricks
hosting at the server side is not a problem. This guy has time to sort out
all parts. One good way is use public and private keys private is stored at
user PC only. Retrieving crypted data to user PC and uncrypt at client side
is a way to solve this problem.
If some market is for this task it is possible to start, but not for free.
Software part requires 6-8k$. But you should check some rules with lawyer.
16 серп. 2015 16:16 "Uri Even-Chen"  пише:

>
> On Sun, Aug 16, 2015 at 11:18 AM, Avraham Serour 
> wrote:
>
>> no, passwords shouldn't be encrypted, you should store hashes, just use
>> the django default auth app
>>
>> Yes, I meant storing the hash in the database and not the password.
>
> Uri.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAMQ2MsEn4ZeUjNVoXOX0AEe67_q_SLH-bz57_nrPS%3DwgFhz2Pg%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CADTRxJMjTNkPv8NRCLV6uqtvz7RX2gV2L190UzP6tNUX2RNMew%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Learning Python and Django and should I?? (I have a year of 10 or so hours a week)

[François Schiettecatte]

Why not learn both, seriously, spend 6 months learning one and then 6 learning 
the other. Bigger range of skills means you are more marketable. 

François

> On Aug 16, 2015, at 9:45 AM, graeme  wrote:
> 
> A lot of it is a matter of personal preference, and a lot comes down to 
> whether you prefer Python or Ruby.
> 
> Python is more general purpose than Ruby, and a lot more general purpose than 
> PHP, so it is much more likely to be useful outside web apps, or if you need 
> unusual functionality within a web app - python has a huge range of libraries 
> available.
> 
> On Saturday, August 15, 2015 at 2:52:07 AM UTC+5:30, Rotimi Ajayi-Dopemu 
> wrote:
> Hi all,
> I am sure this question has been beaten into the ground but hopefully I can 
> get some specific insight so I don't waste time in the future. Thanks in 
> advance.
> 
> The question:
> I have a year to learn a new programming language for web application 
> development. I will be learning concurrently with going to school so I have 
> about 10 hrs a week give or take. So the question is this should I learn Ruby 
> on Rails or Python/Django???
> 
> Background Info about why:
> I am a student studying Cognitive Science and want to work as either a UX 
> designer or a Full Stack Engineer, I am leaning towards Full Stack 
> Engineering and designing more for the front end in my after hours. I don't 
> have a serious girlfriend (lol) and my life is pretty simple so I know this 
> is what I want to do. I am committed. I know PHP fairly well and can use 
> Wordpress and Joomla for whatever. I am familiar with MVC through use of a 
> popular PHP framework called Codeigniter. Oh yeah, I used C++ pretty heavily 
> about 10 years ago building Windows Applications...and loved it.
> 
> What I will be using it for:
> After I graduate in a year and after learning the language I decide on I plan 
> to develop a full blown web application. I don't know if this is too 
> ambitious but all I'm willing to say now is it is like Pintrest but not a 
> clone. I have fully developed the concept for a long time now and will have 
> the features down pat by then. My goal is to invest my time on a prototype 
> and release it, then hopefully get with a team or even investors if it works 
> and develop it more. If it doesn't work out then Plan B is to use my 
> skill-set in a full time position with a company in a tech hub somewhere in 
> the US. Plan B might turn into Plan A in a year depending on my money 
> situation.
> 
> So there are three aspects to this question: Should I learn Django/Python or 
> Ruby on Rails? is Plan A(the web app) feasible with just me and 
> Django/Python? How does Python fair in the work market?
> 
> I know all this may seem like a lot to ask but this is really just a test of 
> this forums activity. I have been pretty avid on staying with PHP or maybe 
> going back to C++ because this HTML/CSS situation I usually work with these 
> days tends to get on my nerves. 
> 
> Last thing to add for this thread (I swear) is: one thing that really irks me 
> about web development is the lack of real debugging tools that work 
> flawlessly. Maybe it is just I haven't learned them yet but I know in PHP you 
> are stuck with using Xdebug through your browser (although I just found a new 
> debugger that only works in recent versions of PHP) so if anyone could just 
> give a 1+ to integrated debugging with Python Django that would be great.
> 
> Thanks again if you read this far.
> Feel free to contact me if you have a similar web application in the works, I 
> have no doubt there probably is.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/django-users/ec08c90a-e9ce-4c71-9f12-02b4484aefb9%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/48663B49-7E4E-4014-9F81-1B39D9C0BCD7%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Learning Python and Django and should I?? (I have a year of 10 or so hours a week)

[graeme]

A lot of it is a matter of personal preference, and a lot comes down to 
whether you prefer Python or Ruby.

Python is more general purpose than Ruby, and a lot more general purpose 
than PHP, so it is much more likely to be useful outside web apps, or if 
you need unusual functionality within a web app - python has a huge range 
of libraries available.

On Saturday, August 15, 2015 at 2:52:07 AM UTC+5:30, Rotimi Ajayi-Dopemu 
wrote:
>
> Hi all,
> I am sure this question has been beaten into the ground but hopefully I 
> can get some specific insight so I don't waste time in the future. Thanks 
> in advance.
>
> The question:
> I have a year to learn a new programming language for web application 
> development. I will be learning concurrently with going to school so I have 
> about 10 hrs a week give or take. So the question is this should I learn 
> Ruby on Rails or Python/Django???
>
> Background Info about why:
> I am a student studying Cognitive Science and want to work as either a UX 
> designer or a Full Stack Engineer, I am leaning towards Full Stack 
> Engineering and designing more for the front end in my after hours. I don't 
> have a serious girlfriend (lol) and my life is pretty simple so I know this 
> is what I want to do. I am committed. I know PHP fairly well and can use 
> Wordpress and Joomla for whatever. I am familiar with MVC through use of a 
> popular PHP framework called Codeigniter. Oh yeah, I used C++ pretty 
> heavily about 10 years ago building Windows Applications...and loved it.
>
> What I will be using it for:
> After I graduate in a year and after learning the language I decide on I 
> plan to develop a full blown web application. I don't know if this is too 
> ambitious but all I'm willing to say now is it is like Pintrest but not a 
> clone. I have fully developed the concept for a long time now and will have 
> the features down pat by then. My goal is to invest my time on a prototype 
> and release it, then hopefully get with a team or even investors if it 
> works and develop it more. If it doesn't work out then Plan B is to use my 
> skill-set in a full time position with a company in a tech hub somewhere in 
> the US. Plan B might turn into Plan A in a year depending on my money 
> situation.
>
> So there are three aspects to this question: Should I learn Django/Python 
> or Ruby on Rails? is Plan A(the web app) feasible with just me and 
> Django/Python? How does Python fair in the work market?
>
> I know all this may seem like a lot to ask but this is really just a test 
> of this forums activity. I have been pretty avid on staying with PHP or 
> maybe going back to C++ because this HTML/CSS situation I usually work with 
> these days tends to get on my nerves. 
>
> Last thing to add for this thread (I swear) is: one thing that really irks 
> me about web development is the lack of real debugging tools that work 
> flawlessly. Maybe it is just I haven't learned them yet but I know in PHP 
> you are stuck with using Xdebug through your browser (although I just found 
> a new debugger that only works in recent versions of PHP) so if anyone 
> could just give a 1+ to integrated debugging with Python Django that would 
> be great.
>
> Thanks again if you read this far.
> Feel free to contact me if you have a similar web application in the 
> works, I have no doubt there probably is.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/ec08c90a-e9ce-4c71-9f12-02b4484aefb9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django: "Fake" multiple inheritance

[Michael Herrmann]

Thank you Daniel,

I found another way.

Best,
Michael

On 14 August 2015 at 23:17, Daniel H  wrote:

> Hi Michael.
>
> First of all, setting the pk to the pk of a different model will do
> nothing.
>
> You can do this however, using Foreign Keys
> 
>
> restaurant = models.ForeignKey('Restautant')
>
> Then declare a new hotel object like this:
>
> restaurant = Restaurant.objects.get(name='Will soon be a hotel')
> Hotel.objects.create(restaurant=restaurant.pk)
>
> What does the "Place" table represent?
>
>
> On Friday, August 14, 2015 at 7:35:26 AM UTC-7, mic...@herrmann.io wrote:
>>
>> Hi all,
>>
>> suppose I have the following model structure
>>
>> from django.db import models
>>
>> class Place(models.Model):
>> name = models.CharField(max_length=50)
>>
>> class Restaurant(Place):
>> ...
>>
>> class Hotel(Place):
>> ...
>>
>> I already have a Restaurant in my database. This Restaurant is now also
>> becoming a Hotel. I would like to declare this in the database as follows:
>>
>> restaurant = Restaurant.objects.get(name='Will soon be a hotel')
>> Hotel.objects.create(pk=restaurant.pk)
>>
>> Is this a safe thing to do?
>>
>> Thanks,
>> Michael
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Django users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/django-users/26Qu9-wJ1gA/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/c270d98c-7a14-4870-9f04-3ccfcb3abeb3%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
[image: Inline image 1]

Michael Herrmann, MSc
Alser Straße 18/26
1090 Wien
Tel.: +43 699 11 65 16 40
Email: mich...@herrmann.io

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CABrKpmBK%3DY7oqufPj7OhmAT7WJ2i9t8XevuftO8-OS46BHWyjA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: About local apps communication

[durirompepc]

Thanks for the responses. Now I'll try to explain ahead:

If both apps are running on the same host (or more concisely, both apps can 
> access the database for app1), why not just add a database router to app2 
> and have it pull the information directly?
> https://docs.djangoproject.com/en/1.8/topics/db/multi-db/
> Another option would be to have logic in app2 that can query against app1 
> via typical HTTP REST requests (perhaps triggered by an HTTP call to a view 
> in app2 if the info needs to be pulled on demand), using app2 as if it were 
> a regular client for app1.
> A third option if the information is synced on a regular basis would be to 
> write Django management commands and run them on a schedule via cron to 
> pull the data from app1 to app2.
> These options are in order of preference, as direct DB access is the 
> fastest and easiest to manage, but may be negatively affected if the schema 
> changes in app1.
>
 

[...]

 

Ah yes, my answer only applies if you have two separate instances of Django 
> running with separate databases. That was my assumption since the full 
> database is available to all apps within a single Django instance as 
> Stephen mentioned. 

 

 

-James

 
I think that the optimal option would be the second one (doing a request), 
because of the background of the apps maybe the client would only use the 
user app, for example. And no, it'll be just one instance of Django for the 
apps.


These are all in the same project, right? In your app2 just do:
> from app1.models import MyUserModel
> Or maybe factor out the logic of app1/resources/user to a function and do 
> from app2:
> from app1.utils import get_user_logic
> There's no special communication between Django apps required. All the 
> code from every app in your project (INSTALLED_APPS) is loaded 
> into/available from your current interpreter instance. 


That's the point, they are in the same project, and supossed to be (because 
it'll be a package with more than one app). I though that doing something 
with *INSTALLED_APPS* would work, but didn't know about that *import*. And 
about the factoring function, yeah, it is supossed to be REST, so a 
*utils.py* or *rest.py* file should do the work.


Thanks again both.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/2aec1f5c-790c-44f6-9302-9c85b817cbef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Encrypted web mail

[Uri Even-Chen]

On Sun, Aug 16, 2015 at 11:18 AM, Avraham Serour  wrote:

> no, passwords shouldn't be encrypted, you should store hashes, just use
> the django default auth app
>
> Yes, I meant storing the hash in the database and not the password.

Uri.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAMQ2MsEn4ZeUjNVoXOX0AEe67_q_SLH-bz57_nrPS%3DwgFhz2Pg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: About local apps communication

[James Schneider]

Ah yes, my answer only applies if you have two separate instances of Django
running with separate databases. That was my assumption since the full
database is available to all apps within a single Django instance as
Stephen mentioned.

-James
On Aug 16, 2015 3:55 AM, "Stephen J. Butler" 
wrote:

> These are all in the same project, right? In your app2 just do:
>
> from app1.models import MyUserModel
>
> Or maybe factor out the logic of app1/resources/user to a function and do
> from app2:
>
> from app1.utils import get_user_logic
>
> There's no special communication between Django apps required. All the
> code from every app in your project (INSTALLED_APPS) is loaded
> into/available from your current interpreter instance.
>
> On Sun, Aug 16, 2015 at 5:33 AM,  wrote:
>
>> I had searched in the web about local communication between apps, but I
>> didn't find anything (or, at least, didn't catch it) about calling an app
>> from another. Let's say I've this:
>> http://localhost:8000/app1/resources/user?id=123
>> http://localhost:8000/app2/list_users
>>
>> Each app (by the way, first time doing a really *RESTfull* service,
>> maybe I'm wrong with the style) have their models. *app1* have a table
>> for *user*, and *app2* needs to communicate with it to list all the
>> users (gived or not a QUERYSTRING for filtering). From *app2.views*, how
>> could I get that data in a Django way?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-users@googlegroups.com.
>> Visit this group at http://groups.google.com/group/django-users.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/34bdde3e-6422-49e0-9285-9113ed0abf7d%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAD4ANxUcz8urnNam-iLgacB0hMOjuS6EqFQbfGMy1%2BBbtfxdSQ%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2Be%2BciVGUgEAkiAOwypFnNKhhD9LKPwD1aea32B%3Dv7%3DgXBfQPQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: About local apps communication

[Stephen J. Butler]

These are all in the same project, right? In your app2 just do:

from app1.models import MyUserModel

Or maybe factor out the logic of app1/resources/user to a function and do
from app2:

from app1.utils import get_user_logic

There's no special communication between Django apps required. All the code
from every app in your project (INSTALLED_APPS) is loaded into/available
from your current interpreter instance.

On Sun, Aug 16, 2015 at 5:33 AM,  wrote:

> I had searched in the web about local communication between apps, but I
> didn't find anything (or, at least, didn't catch it) about calling an app
> from another. Let's say I've this:
> http://localhost:8000/app1/resources/user?id=123
> http://localhost:8000/app2/list_users
>
> Each app (by the way, first time doing a really *RESTfull* service, maybe
> I'm wrong with the style) have their models. *app1* have a table for
> *user*, and *app2* needs to communicate with it to list all the users
> (gived or not a QUERYSTRING for filtering). From *app2.views*, how could
> I get that data in a Django way?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/34bdde3e-6422-49e0-9285-9113ed0abf7d%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAD4ANxUcz8urnNam-iLgacB0hMOjuS6EqFQbfGMy1%2BBbtfxdSQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: About local apps communication

[James Schneider]

If both apps are running on the same host (or more concisely, both apps can
access the database for app1), why not just add a database router to app2
and have it pull the information directly?

https://docs.djangoproject.com/en/1.8/topics/db/multi-db/

Another option would be to have logic in app2 that can query against app1
via typical HTTP REST requests (perhaps triggered by an HTTP call to a view
in app2 if the info needs to be pulled on demand), using app2 as if it were
a regular client for app1.

A third option if the information is synced on a regular basis would be to
write Django management commands and run them on a schedule via cron to
pull the data from app1 to app2.

These options are in order of preference, as direct DB access is the
fastest and easiest to manage, but may be negatively affected if the schema
changes in app1.

-James
On Aug 16, 2015 3:33 AM,  wrote:

> I had searched in the web about local communication between apps, but I
> didn't find anything (or, at least, didn't catch it) about calling an app
> from another. Let's say I've this:
> http://localhost:8000/app1/resources/user?id=123
> http://localhost:8000/app2/list_users
>
> Each app (by the way, first time doing a really *RESTfull* service, maybe
> I'm wrong with the style) have their models. *app1* have a table for
> *user*, and *app2* needs to communicate with it to list all the users
> (gived or not a QUERYSTRING for filtering). From *app2.views*, how could
> I get that data in a Django way?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/34bdde3e-6422-49e0-9285-9113ed0abf7d%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2Be%2BciUPkS-9WcHYqTt4_kumwhEKtLX47MPEhJoWbKKawobPoA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

About local apps communication

[durirompepc]

I had searched in the web about local communication between apps, but I 
didn't find anything (or, at least, didn't catch it) about calling an app 
from another. Let's say I've this:
http://localhost:8000/app1/resources/user?id=123
http://localhost:8000/app2/list_users

Each app (by the way, first time doing a really *RESTfull* service, maybe 
I'm wrong with the style) have their models. *app1* have a table for *user*, 
and *app2* needs to communicate with it to list all the users (gived or not 
a QUERYSTRING for filtering). From *app2.views*, how could I get that data 
in a Django way?

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/34bdde3e-6422-49e0-9285-9113ed0abf7d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Encrypted web mail

[Avraham Serour]

no, passwords shouldn't be encrypted, you should store hashes, just use the
django default auth app

On Sun, Aug 16, 2015 at 9:09 AM, Uri Even-Chen  wrote:

> Hi Dennis,
>
>
>
> On Sat, Aug 15, 2015 at 7:35 PM, Dennis Lee Bieber 
> wrote:
>
>> On Sat, 15 Aug 2015 12:47:17 +0300, Uri Even-Chen 
>> declaimed the following:
>>
>> >To Python, Django and Speedy Mail Software developers,
>> >
>> >Is it possible to make Speedy Mail encrypted? I want mail to be encrypted
>> >on the server, and only the user will be able to read his/her mail. The
>> >user's password will be encrypted on the server and nobody will be able
>> to
>>
>> Most systems I know of don't store the password on the server in
>> the
>> first place. They store a one-way hash generated from the password
>> (possibly using a randomly generated salt that is also saved with the hash
>> -- that is, rather than just hash "password" into "hashstring", they hash
>> "saltpassword" into "otherhash" and prepend the "salt" -> "saltotherhash".
>> When user comes to connect later, they match the user name in the password
>> database, extract the "salt" from "saltotherhash", attach it to the
>> password given by the user, generate the hash, and see if it matches the
>> rest of the saved hash). The hash value is only used for matching
>> purposes,
>> not for any subsequent processing -- it is not a cryptography key, nor is
>> any cryptography key used to produce it.
>>
>>
> Thanks for the feedback. Actually the passwords on my webmail in 2000 to
> 2005 were not encrypted, but I agree with you that passwords should be
> always encrypted.
>
>
>
>
>> >read the user's mail except the user himself. Is it possible? When  I had
>>
>> How do you intend to handle new inbound email? After all, the
>> sender of
>> the email sure won't know about any user encryption key -- that means you
>> have to have the encryption key stored on your server associated with the
>> recipient username, so that you can encrypt inbound email before putting
>> it
>> into the user's mailbox... Do you also intend to encrypt the header
>> information or just the body of the message?
>>
>> A public key system MIGHT support that, in that the public key --
>> used
>> to "send to" the recipient is only used to encrypt the data, and can be
>> stored on your server (in the same username/password account file). The
>> private (decryption) key would have to be stored on the user's computer
>> and
>> never provided to your server machine -- and you'd need some way to send
>> individual encrypted messages to the user where they are decrypted on
>> their
>> computer, NOT ON the server. You'd also need to be able to identify which
>> messages are new, read, deleted -- if the mailbox is encrypted, this
>> likely
>> means each message is a file within the mailbox, since you can't do things
>> like mark and compress an MBOX (all mail is in one file with a special
>> header marking the start of a message) file without corrupting the
>> encryption stream.
>>
>> If, at anytime, the decryption key is on the server, you have
>> lost the
>> security you claim to be striving for -- as any court ordered system could
>> just patch in a packet sniffer and wait for your user to connect, capture
>> the password, and capture the decryption key if it is sent to the server
>> to
>> retrieve mail (though they don't even need it at that point -- they could
>> just capture the decrypted contents being sent to the user... TLS/SSL
>> sessions may alleviate that problem, but it does mean having certificates
>> to initiate the TLS session keys). If the packets are TLS encrypted, they
>> can require one to patch into the server at the point where the contents
>> are converted back to plain text and capture the traffic.
>>
>> Of course, this now means the user has to carry around a
>> "keyring" that
>> can be accessed by any computer used to read the email (since the
>> decryption key can not be on the server, if they read email from an
>> android
>> tablet they need to have the key installed on the tablet; they also need
>> it
>> on their desktop if they use it to access the server; on their phone if it
>> has a browser, etc.).
>>
>> A Javascript client is probably going to be rather slow at
>> decrypting
>> the emails -- but you may not be able to install a compiled Java
>> encryption
>> package on all the clients out there (you'd have to have something for
>> iOS,
>> something for Android, for Linux, Macintosh, and Windows -- though the
>> latter three might be able to use the same core Java code).
>>
>> We've taken care of inbound email. What were your plans for
>> outgoing
>> email? You can't encrypt that as it is going to other systems and other
>> users who are not part of your server and don't expect to see encrypted
>> stuff. You could perhaps store the already sent messages using the same
>> public key, but you 

Re: Why should I care to use YAML with Django?

[James Schneider]

Probably for the same reasons you might use XML, CSV, or JSON; data
exchange and serialization between systems. YAML is just another
standardized way to encapsulate data structures so that they can be passed
between systems or statically archived consistently.

You could also not care at all if you have no data requirements on other
systems that use YAML.

Without more context, though, there isn't really a proper way to answer
your question.

-James
On Aug 15, 2015 9:10 PM, "Joshua Ellis"  wrote:

> What purpose does it have? What kind of problem am I bound to solve in
> using it?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/3fc97528-4f61-42b4-91c0-ef6f02e2e800%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2Be%2BciWrdFi_KuYgpb0EJug1Fw_PTWEZE34XF0%2BRgHAejfCoeA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Encrypted web mail

[Uri Even-Chen]

Hi Dennis,



On Sat, Aug 15, 2015 at 7:35 PM, Dennis Lee Bieber 
wrote:

> On Sat, 15 Aug 2015 12:47:17 +0300, Uri Even-Chen 
> declaimed the following:
>
> >To Python, Django and Speedy Mail Software developers,
> >
> >Is it possible to make Speedy Mail encrypted? I want mail to be encrypted
> >on the server, and only the user will be able to read his/her mail. The
> >user's password will be encrypted on the server and nobody will be able to
>
> Most systems I know of don't store the password on the server in
> the
> first place. They store a one-way hash generated from the password
> (possibly using a randomly generated salt that is also saved with the hash
> -- that is, rather than just hash "password" into "hashstring", they hash
> "saltpassword" into "otherhash" and prepend the "salt" -> "saltotherhash".
> When user comes to connect later, they match the user name in the password
> database, extract the "salt" from "saltotherhash", attach it to the
> password given by the user, generate the hash, and see if it matches the
> rest of the saved hash). The hash value is only used for matching purposes,
> not for any subsequent processing -- it is not a cryptography key, nor is
> any cryptography key used to produce it.
>
>
Thanks for the feedback. Actually the passwords on my webmail in 2000 to
2005 were not encrypted, but I agree with you that passwords should be
always encrypted.



> >read the user's mail except the user himself. Is it possible? When  I had
>
> How do you intend to handle new inbound email? After all, the
> sender of
> the email sure won't know about any user encryption key -- that means you
> have to have the encryption key stored on your server associated with the
> recipient username, so that you can encrypt inbound email before putting it
> into the user's mailbox... Do you also intend to encrypt the header
> information or just the body of the message?
>
> A public key system MIGHT support that, in that the public key --
> used
> to "send to" the recipient is only used to encrypt the data, and can be
> stored on your server (in the same username/password account file). The
> private (decryption) key would have to be stored on the user's computer and
> never provided to your server machine -- and you'd need some way to send
> individual encrypted messages to the user where they are decrypted on their
> computer, NOT ON the server. You'd also need to be able to identify which
> messages are new, read, deleted -- if the mailbox is encrypted, this likely
> means each message is a file within the mailbox, since you can't do things
> like mark and compress an MBOX (all mail is in one file with a special
> header marking the start of a message) file without corrupting the
> encryption stream.
>
> If, at anytime, the decryption key is on the server, you have lost
> the
> security you claim to be striving for -- as any court ordered system could
> just patch in a packet sniffer and wait for your user to connect, capture
> the password, and capture the decryption key if it is sent to the server to
> retrieve mail (though they don't even need it at that point -- they could
> just capture the decrypted contents being sent to the user... TLS/SSL
> sessions may alleviate that problem, but it does mean having certificates
> to initiate the TLS session keys). If the packets are TLS encrypted, they
> can require one to patch into the server at the point where the contents
> are converted back to plain text and capture the traffic.
>
> Of course, this now means the user has to carry around a "keyring"
> that
> can be accessed by any computer used to read the email (since the
> decryption key can not be on the server, if they read email from an android
> tablet they need to have the key installed on the tablet; they also need it
> on their desktop if they use it to access the server; on their phone if it
> has a browser, etc.).
>
> A Javascript client is probably going to be rather slow at
> decrypting
> the emails -- but you may not be able to install a compiled Java encryption
> package on all the clients out there (you'd have to have something for iOS,
> something for Android, for Linux, Macintosh, and Windows -- though the
> latter three might be able to use the same core Java code).
>
> We've taken care of inbound email. What were your plans for
> outgoing
> email? You can't encrypt that as it is going to other systems and other
> users who are not part of your server and don't expect to see encrypted
> stuff. You could perhaps store the already sent messages using the same
> public key, but you can't do that with in-work drafts stored on the server
> prior to being sent (at least, not without requiring them to pass from the
> server to the client for decryption and then back to the server in
> plain-text for delivery -- deleting the draft copy and saving an encrypted
> sent copy)
>
> I think