django flask_在Django中重写Flask应用-白红宇

django flask_在Django中重写Flask应用

阅读量：2518 次

发布时间：2019-05-11

本文共 4847 字，大约阅读时间需要 16 分钟。

django flask

I spent Saturday on rewriting a Flask app in Django. The app in question was , which is a very simple CRUD app. And yet, the Flask code was a mess, full of bugs and vulnerabilities. Eight hours later, I had a fully functional Django app that did more and fixed all problems.

我花了星期六在Django中重写Flask应用。有问题的应用程序是，这是一个非常简单的CRUD应用程序。但是，Flask代码是一团糟，充满了错误和漏洞。八个小时后，我有了一个功能齐全的Django应用程序，它可以执行更多操作并解决了所有问题。

原始Flask应用 (Original Flask app)

The original Flask app had a ton of problems. In order to make it anywhere near useful, I would need to spend hours. Here’s just a few of them:

最初的Flask应用存在很多问题。为了使它几乎有用，我需要花费数小时。这里只是其中的一些：

357 lines of spaghetti code (295 SLOC), all in one file

No form data validation, no CSRF protection (it did have XSS protection though)

Login using Mozilla Persona, which requries JavaScript, is a bit kludgey, and feels desolate (and also had me store the admin e-mail list in code)

Geopolitics issues: using country flags for languages

A lot of things were implemented by hand

SQLAlchemy is very verbose

no DB migrations (makes enhancements harder)

Languages implemented as a PostgreSQL integer array

Adding a language required running a command-line script and restarting the app (languages were cached in Python dicts with no way to reload them from the database; that would require talking through uWSGI anyway because there were multiple processes involved)

The templates were slightly hacky (the page title was set in each individual template and not in the view code); menus hacked together in HTML with no highlighting

Python 2.7

357行意粉代码（295 SLOC），全部集中在一个文件中

没有表单数据验证，没有CSRF 保护（尽管确实具有XSS保护）

使用Mozilla Persona（需要JavaScript）登录，有点麻烦，而且感觉很荒凉（还让我在代码中存储了管理电子邮件列表）

地缘政治问题：对语言使用国家/地区标记

很多事情都是手工完成的

SQLAlchemy非常冗长

没有数据库迁移（使增强功能更加困难）

实现为PostgreSQL整数数组的语言

添加一种语言需要运行命令行脚本并重新启动应用程序 （语言已存储在Python字典中，而无法从数据库中重新加载它们；由于涉及多个进程，因此无论如何都需要通过uWSGI进行交流）

这些模板有点怪异（页面标题是在每个单独的模板中设置的，而不是在视图代码中设置的）；菜单被HTML合并在一起而没有突出显示

Python 2.7

改写 (The rewrite)

I started the process by opening , with its wonderful . Now, I have written a couple basic Django apps before, but the majority of them didn’t do much. In other words, I didn’t have a lot of experience. Especially with taking user input and relationships. It took me about 8 hours to get feature parity, and more.

我通过打开及其出色的开始了这一过程。现在，我之前已经写了几个基本的Django应用程序，但是其中大多数并没有做很多事情。换句话说，我没有很多经验。特别是在获取用户输入和关系时。我花了大约8个小时来获得功能对等，还有更多。

Getting all the features was really simple. For example, to get a many-to-many relationship for languages, I had to write just one line.

获得所有功能非常简单。例如，要获得语言的多对多关系，我只需要写一行。

languages languages = = modelsmodels .. ManyToManyFieldManyToManyField (( LanguageLanguage ))

That’s it. I didn’t have to run through complicated SQLAlchemy documentation, which provides a to the same problem.

而已。我不必遍历复杂SQLAlchemy文档，该文档提供了针对同一问题的。

Django also simplified New Relic integration, as the browser JS can be implemented using Django template tags.

Django还简化了New Relic集成，因为可以使用Django模板标签实现浏览器JS。

Django is not without its problems, though. I got a very cryptic traceback when I did this:

但是，Django并非没有问题。当我这样做时，我得到了一个非常隐秘的回溯：

The real problem with this code? I forgot the label= keyword. The problem is, the model API accepts this syntax — verbose_name is the first argument. (I am not actually using the labels though, I write my own form HTML)

这段代码的真正问题是什么？我忘记了label =关键字。问题是，模型API接受此语法-verbose_name是第一个参数。（尽管我实际上并未使用标签，但我编写了自己的表单HTML）

Still, the Django version is much cleaner. And the best part of all? There are no magic global objects (g, session, request) and decorator-based views (which are a bit of syntax abuse IMO).

不过，Django版本要干净得多。而最好的部分呢？没有魔术全局对象（ g ， session ， request ）和基于装饰器的视图（IMO有点语法滥用）。

In the end, I have:

最后，我有：