A lot. And it baffles me why hasn't anyone realized that Kenneth Reitz was right about django over a decade ago and all his points are equally valid today.
I will take a well curated package that handles all the problems for me rather than bolting together pieces just so I can feel more ownership of a project.
- Admin panel? Django has me
- Web forms? Django has me
- Testing? Django, again has an out of the box solution
- Latest in security practices[0]? Again, covered for free
Flask, boy oh boy. I want an ORM? Guess I have to search around, Flask-SQLAlchemy has a lot of hits, I guess? Emails? Well, the Flask Mega-Tutorial uses Flask-Mail[1], guess I will use that. Oh look, it has not been updated since 2014[2]. Hope there is not a security flaw in there[3].
Django follows best practices, and has a huge community ensuring that there is adequate coverage and features required for modern development.
FastAPI is the better choice now as its ecosystem is much more up to date and has more batteries included than flask (eg FastAPI has authentication included).
Well no. None of these thing are appealing to me. As much as I hate the modern web, admin panels and forms generated server side are dead. Testing has never been an issue. As for security practices, this statement is as subjective as they come.
I am by no means a fan of flask. However it gives you a lot more freedom to structure your application to your taste. Django is basically a php 5.4 framework with a python syntax.
In this day and age fastAPI is a solid choice, so is falcon and probably half a dozen others.
If you like Flask (I do too), you can do what we used to do before Flask existed (./djngo.com -p project runserver) where .python/project.py in the zip is:
import os
from django.conf import settings
from django.core import management
from django.conf.urls import url
from django.http import HttpResponse
# Django 2.2 Release Notes
# https://docs.djangoproject.com/en/4.1/releases/2.2/
# Documentation
# https://docs.djangoproject.com/en/2.2/
__version__ = 0.1
DEBUG = True
ROOT_URLCONF = 'project'
DATABASES = {'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': 'project.db' }}
SECRET_KEY = os.getenv('SECRET_KEY', 'Please set a SECRET_KEY as an env var.')
if not settings.configured:
settings.configure(**locals())
def index(request):
return HttpResponse('Hello Django!')
urlpatterns = [
url(r'^$', index),
]
if __name__ == '__main__': # pragma: no cover
management.execute_from_command_line()
- Admin panel? Django has me
- Web forms? Django has me
- Testing? Django, again has an out of the box solution
- Latest in security practices[0]? Again, covered for free
Flask, boy oh boy. I want an ORM? Guess I have to search around, Flask-SQLAlchemy has a lot of hits, I guess? Emails? Well, the Flask Mega-Tutorial uses Flask-Mail[1], guess I will use that. Oh look, it has not been updated since 2014[2]. Hope there is not a security flaw in there[3].
Django follows best practices, and has a huge community ensuring that there is adequate coverage and features required for modern development.
[0]: https://docs.djangoproject.com/en/4.2/releases/4.2/ note on the BREACH attack
[1]: https://blog.miguelgrinberg.com/post/the-flask-mega-tutorial...
[2]: https://github.com/mattupstate/flask-mail
[3]: https://github.com/mattupstate/flask-mail/issues/189