Explore my thoughts, experiences, and insights.
🚀 Why ASGI Over WSGI? 🔄 Solving Multi-Device Login Conflicts in Django 📱💻🛡️
📌 Problem Statement We want to ensure that each user can only be logged in on one device at a time. Hear's the expected behaviour: When a user logs in from a new device, any existing session on other devices should get: ❌ Logged out immediately, and 🔔 Notified in real-time about the forced logout. Traditional Django projects (which run on WSGI) can't do this in real-time - you'd need pulling or periodic refresh. We needed an instant notification system
Django Context Processors: Explained Step-by-Step
Django context processors are functions that automatically inject global variables into all templates, helping developers follow the DRY principle, maintain consistency, and separate context logic from views. They are registered in the TEMPLATES setting and run whenever a template is rendered, making them ideal for sharing data like user info, site settings, or navigation menus across pages. To ensure efficiency, context processors should be lightweight, only include truly global data, and use unique variable names to avoid conflicts.
🧠 Smart Autosave: 💾 Leveraging localStorage Responsibly in a Multi-User World 🌍👥
Autosave protects us from losing work due to crashes or power cuts. For one user, saving to localStorage works like magic. ✨ But in a multi-user app with logins and private data? 🤔 It can lead to serious problems—like saving someone else’s data by mistake. 😱 That's when localStorage's simplicity can turn into a head-scratching, data-leaking nightmare. 🤯 Join me on a journey through the evolution of an autosave feature, from its deceptively simple beginnings with client-side localStorage to a robust, secure system in a multi-user web application🕵️♀️
🥷 The Mysterious Django 403: CSRF Token Missing (or So I Thought)
🚨 Ever faced a "403 Forbidden – CSRF token missing or incorrect" error in your Django app, even when everything looks perfectly fine? I recently spent hours debugging this issue, only to discover that the real problem was session timeout silently invalidating the CSRF token. In my latest blog, I explain why this happens, why using @csrf_exempt is a bad idea, and how to securely keep sessions alive with a simple Django and JavaScript trick. Instead of disabling CSRF protection, understand the root cause and fix it the right way
🛡️ The Hidden Trap of Django's @login_required Decorator — And How It Broke My Auto-Logout 🕵️♂️
In this blog, I have shared a debugging experience from my Django project where I implemented an auto-logout feature using JavaScript. The goal was to automatically log out inactive users. While the logout worked, a strange issue occurred: after the auto-logout, logging in redirected me to the logout view again—causing an immediate re-logout. This puzzling behavior turned out to be caused by the @login_required decorator, which redirected unauthenticated users to login with a next=/logout/ parameter. The blog dives deep into how @login_required works and how it affected the flow. It's a must-read for Django developers handling session-based workflows.
⚙️ Task Scheduling in Django: A Practical Guide with Real Use Cases
In most web applications, there comes a time when you need to automate things — send an email later, run a report every night, clean up data weekly, or notify users just before a deadline. As a Django developer, I faced this exact situation in a recent project and had to choose between two popular Python tools: Celery and APScheduler.
Building Systems, Solving Problems: My Journey in Backend Development with Django
In this first blog post, I share my journey as a backend developer working with Django and PostgreSQL. I talk about building a dynamic logbook system, the technologies I'm using, and key lessons I've learned so far. This post kicks off a series where I’ll regularly share my real-world development experiences, technical insights, and daily challenges.