I am reading the Tom Aratyn Book - Building Django 2.0 web application. I am on a basic level.
Before migrating my app to the database, he asks to create a database for our Django project. I didn't understand very well how to create this database, he didn't detailed the process. Follow what he says:
" Now that we have a model, we will need to create a table in our database that matches it. We will use Django to generate a migration for us and then run the migration to create a table for our movie model.
While Django can create and run migrations for our Django apps, it will not create the database and database user for our Django project. To create the database and user, we have to connect to the server using an administrator's account. Once we've connected we can create the database and user by executing the following SQL:"
CREATE DATABASE mymdb;
CREATE USER mymdb;
GRANT ALL ON DATABASE mymdb to "mymdb";
ALTER USER mymdb PASSWORD 'development';
ALTER USER mymdb CREATEDB;
I don't know where to type this line of code. Shell? I know his book uses the PostgreSQL database.
Thank you,
To execute commands on the database, you need some kind of client. If you have access to the database server bash, you can use the command line client psql.
For clients with a GUI, pgadmin is the most common. On the interface, you are able to open a window, in which you can insert the SQL commands.
Related
I am new in Django, python , and AWS. I register a user, and I can see the user in my Django admin deployed to AWS. After I write a new feature and 'eb deploy' to AWS. I can see the new feature, but the user I registered before disappear. Can any one help?
#zijila The database is not going to carry over. It is probably a SQLite database for testing purposes. You probably wiped that DB out when you deployed using AWS EB. You should set up a MySQL database in AWS using Aws RDS. add the connection string to that DB and create a new user. That way the user is persisted when you redeploy.
Tip: Try not to write in the answer field when you respond on StackOverflow. Use the comment.
I'm currently connecting to a Postgres db from a Python script and I'm using sqlalchemy with psycopg2:
postgresql+psycopg2://user:password#host:port/dbname[?key=value&key=value...]
This Python script is available to users, and the password is shown in clear text. How can I use an encrypted password instead?
Generally, this is done in a few different ways.
1. Hide your database behind a REST API
Basically, don't make the database directly accessible to users. Provide an interface like a REST API or something similar for users to interact with the database. The username and password are only stored on the server side.
2. Create another DB user with less privileges and only distribute that user.
Your postgres database can have multiple users. Don't give them the user and password for the db owner. Just create a user with less privileges (read-only maybe?) and distribute that user and password.
I'm planning to develop web UI something like iSQL*Plus-oracle but, for most common databases. Just take input query from user and return result with save options,etc.
So, for connecting to external data bases, what is advisable way,
1. Using django model and raw sql or,
2. with modules outside django - sqlalchemy+mysqldb,psycopg..?
Going through django documentation my understanding is db connections has to be in settings.py and I could not add from user input. Is my understanding is true or not?
I'm new to django not to python.
An ORM (something like Django's models or sqlalchemy) is a really helpful abstraction to help map tabular data in the database to the objects its being used to model in your code. It won't help with connecting to databases provided by the user since you won't know what the schema of the database is you're connecting to, nor what you are going to receive back from a query.
With django, the database defined in settings.py is used to store information related to your app such as user credentials, migrations as well as whatever else you define in your models.py files. So definitely don't try to change that dynamically as it is being used to store the state of your application for all users.
If you need to connect to external databases and run user-supplied queries, you can do that inside a view using the appropriate database driver. So psycopg2 for postgres would be fine.
I'm developing a project with django where each user is supposed to have one database.
I found a way to do so :
Fill the settings/dev.py with all databases (one per user)
Use the database router class to route the database to the models to the corresponding database (except the user model which will be redirected to a constant 'users' database of course because it is used to log in)
So when someone creates an account in our website and clicks the verify link sent by mail, it is supposed to query the server to run "manage.py create user", create a database for this user, change settings/dev.py to add the db to the list and finally perform a migration to create the db. Then, the user is redirected to the login page and is logged automatically with its credentials.
But i'm asking myself if is the best way to do that ?
Would we rather do the following ?
Create one app (copy files + settings/dev.py) for each user and determine which app to use from an http header or a subdomain (user.site.com) or a port, etc.
Use one database and create a user_id column in each table
Which one is the better for performance, scalability, security etc. ?
Thanks.
The company I work for is starting development of a Django business application that will use MySQL as the database engine. I'm looking for a way to keep from having database credentials stored in a plain-text config file.
I'm coming from a Windows/IIS background where a vhost can impersonate an existing Windows/AD user, and then use those credentials to authenticate with MS SQL Server.
As an example: If the Django application is running with apache2+mod_python on an Ubuntu server, would it be sane to add a "www-data" user to MySQL and then let MySQL verify the credentials using its PAM module?
Hopefully some of that makes sense. Thanks in advance!
MySQL controls access to tables from its own list of users, so it's better to create MySQL users with permissions. You might want to create roles instead of users so you don't have as many to manage: an Admin, a read/write role, a read-only role, etc.
A Django application always runs as the web server user. You could change that to "impersonate" an Ubuntu user, but what if that user is deleted? Leave it as "www-data" and manage the database role that way.