Securing Django Applications

Securing Django Applications

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 18m | 220 MB

The protection of user privacy and data is a clear mandate for business success. In this course, learn how to protect your Django web app using essential security and authentication measures. Using a sample project—a pre-built Django web app and a REST API for that web app—instructor Rudolf Olah shows how to add code that keeps your app safe from cyberattacks. Discover how to add SMS two-factor authentication, set up per-object permissions, and leverage per-group permissions to allow groups of users to access, modify, and delete data. Plus, learn how to create audit logs for compliance, implement zero-knowledge encryption, write a unit test to ensure that server data is fully encrypted for a user, and more.
+ Table of Contents

1 Security and Django
2 What you should know
3 What’s included in the project
4 Installing the project
5 Running the server
6 Setting up per-object permissions in Django
7 Enabling per-object permissions in Django
8 Unit test for per-object permissions in Django
9 Creating a group permissions model
10 Unit test for access control and group permissions
11 Adding activity logs for auditing
12 Deleting objects in an audit compliance-compatible way
13 Using ApacheBench to simulate a flood of requests
14 How to ensure actions happen only once
15 Unit testing idempotent actions that should only happen once
16 Using background queues to throttle floods of requests
17 Unit testing background queue flood prevention
18 Per-field encryption of data in Django
19 Unit testing per-field encryption
20 Zero knowledge encryption of data in Django
21 Unit testing zero knowledge encryption
22 Packaging user data for download
23 Using Twilio to send an SMS code
24 Confirming SMS code and enabling 2FA
25 Validating 2FA login before performing actions in Django
26 Unit testing 2FA login requirement for Django REST API
27 Enabling CSRF tokens in Django
28 Unit testing Django forms that use CSRF
29 Next steps