Repository files navigation

ADjango project boilerplate/template with a multitude of state-of-the-art libraries and tools. If pairing Django with React is a possibility for your project or spinoff, this is the best solution available. Save time with tools like:

• React, for building interactive UIs
• TypeScript, for static type checking
• Poetry, for managing the environment and its dependencies
• django-js-reverse, for generating URLs on JS
• React Bootstrap, for responsive styling
• Webpack, for bundling static assets
• Celery, for background worker tasks
• WhiteNoise withbrotlipy, for efficient static files serving
• ruff andESLint withpre-commit for automated quality assurance (does not replace proper testing!)

For continuous integration, aGithub Action configuration.github/workflows/main.yml is included.

Also, includes a Render.comrender.yaml and a working Djangoproduction.py settings, enabling easy deployments with'Deploy to Render' button. Therender.yaml includes the following:

• PostgreSQL, for DB
• Redis, for Celery

• react for building interactive UIs
• react-dom for rendering the UI
• react-router for page navigation
• webpack for bundling static assets
• webpack-bundle-tracker for providing the bundled assets to Django
• Styling
  • bootstrap for providing responsive stylesheets
  • react-bootstrap for providing components built on top of Bootstrap CSS without using plugins
  • sass for providing compatibility with SCSS files
• State management and backend integration
  • axios for performing asynchronous calls
  • cookie for easy integration with Django using thecsrftoken cookie
  • openapi-ts for generating TypeScript client API code from the backend OpenAPI schema
  • history for providing browser history to Connected React Router
• Utilities
  • lodash for general utility functions
  • classnames for easy working with complex CSS class names on components
  • react-refresh for improving QoL while developing through automatic browser refreshing

• django for building backend logic using Python
• djangorestframework for building a REST API on top of Django
• drf-spectacular for generating an OpenAPI schema for the Django REST API
• django-webpack-loader for rendering the bundled frontend assets
• django-js-reverse for easy handling of Django URLs on JS
• django-upgrade for automatically upgrading Django code to the target version on pre-commit
• django-guid for adding a unique correlation ID to log messages from Django requests
• psycopg for using PostgreSQL database
• sentry-sdk for error monitoring
• python-decouple for reading environment variables on settings files
• celery for background worker tasks
• django-csp for setting the draft security HTTP header Content-Security-Policy
• django-permissions-policy for setting the draft security HTTP header Permissions-Policy
• django-defender for blocking brute force attacks against login
• whitenoise andbrotlipy for serving static assets

Several people have leveraged our boilerplate to start spinoffs or to boost their efforts in the challenging pursuit of securing funding. Starting with a solid foundation allows you to create more resilient products and focus on what really matters: discovering and delivering value to your customers. If you are one of those people, we're eager to help you even more! We can spread the word about your project across our social media platforms, giving you access to a broader audience.

Send us an email atcontact@vintasoftware.com telling us a bit more about how our boilerplate helped you boost your project.

• Make sure you have Python 3.12 installed
• Install Django withpip install django, to have thedjango-admin command available
• Open the command line and go to the directory you want to start your project in
• Start your project using (replaceproject_name with your project name and remove the curly braces):

  django-admin startproject {{project_name}} --extension py,json,yml,yaml,toml --name Dockerfile,README.md,.env.example,.gitignore,Makefile --template=https://github.com/vintasoftware/django-react-boilerplate/archive/refs/heads/main.zip

  Alternatively, you may start the project in the current directory by placing a. right after the project name, using the following command:

  django-admin startproject {{project_name}} . --extension py,json,yml,yaml,toml --name Dockerfile,README.md,.env.example,.gitignore,Makefile --template=https://github.com/vintasoftware/django-react-boilerplate/archive/refs/heads/main.zip

In the next steps, always remember to replace {{project_name}} with your project's name (in case it isn't yet):

• Above: don't forget the--extension and--name params!
• Go into project's root directory:cd {{project_name}}
• Change the first line of README to the name of the project
• Add an email address to theADMINS settings variable in{{project_name}}/backend/{{project_name}}/settings/base.py
• Change theSERVER_EMAIL to the email address used to send e-mails in{{project_name}}/backend/{{project_name}}/settings/production.py

After completing ALL of the above, remove thisProject bootstrap section from the project README. Then followRunning below.

• Setupeditorconfig,ruff andESLint in the text editor you will use to develop.

• Do the following:
  • Create a git-untrackedlocal.py settings file:cp backend/{{project_name}}/settings/local.py.example backend/{{project_name}}/settings/local.py
  • Create a git-untracked.env.example file:cp backend/.env.example backend/.env

• Open thebackend/.env file on a text editor and uncomment the lineDATABASE_URL=postgres://{{project_name}}:password@db:5432/{{project_name}}
• Open a new command line window and go to the project's directory
• Run the initial setup:make docker_setup
• Create the migrations forusers app:make docker_makemigrations
• Run the migrations:make docker_migrate
• Run the project:make docker_up
• Accesshttp://localhost:8000 on your browser and the project should be running there
  • When you runmake docker_up, some containers are spinned up (frontend, backend, database, etc) and each one will be running on a different port
  • The container with the React app uses port 3000. However, if you try accessing it on your browser, the app won't appear there and you'll probably see a blank page with the "Cannot GET /" error
  • This happens because the container responsible for displaying the whole application is the Django app one (running on port 8000). The frontend container is responsible for providing a bundle with its assets fordjango-webpack-loader to consume and render them on a Django template
• To access the logs for each service, run:make docker_logs <service name> (eitherbackend,frontend, etc)
• To stop the project, run:make docker_down

• Open a new command line window and go to the project's directory
• Update the dependencies management files by performing any number of the following steps:
  • To add a newfrontend dependency, runnpm install <package name> --save

    The above command will update yourpackage.json, but won't make the change effective inside the container yet

  • To add a newbackend dependency, rundocker compose run --rm backend bash to open an interactive shell and then runpoetry add {dependency} to add the dependency. If the dependency should be only available for development user append-G dev to the command.
  • After updating the desired file(s), runmake docker_update_dependencies to update the containers with the new dependencies

    The above command will stop and re-build the containers in order to make the new dependencies effective

• Open thebackend/.env file on a text editor and do one of the following:
  • If you wish to use SQLite locally, uncomment the lineDATABASE_URL=sqlite:///db.sqlite3
  • If you wish to use PostgreSQL locally, uncomment and edit the lineDATABASE_URL=postgres://{{project_name}}:password@db:5432/{{project_name}} in order to make it correctly point to your database URL
    • The url format is the following:postgres://USER:PASSWORD@HOST:PORT/NAME
  • If you wish to use another database engine locally, add a newDATABASE_URL setting for the database you wish to use
    • Please refer todj-database-url on how to configureDATABASE_URL for commonly used engines
• Open a new command line window and go to the project's directory
• Runpoetry install

• Go to thebackend directory
• Create the migrations forusers app:poetry run python manage.py makemigrations
• Run the migrations:poetry run python manage.py migrate
• Generate the OpenAPI schema:poetry run python manage.py spectacular --color --file schema.yml
• Run the project:poetry run python manage.py runserver

• Open a new command line window and go to the project's directory
• npm install
• npm run openapi-ts
  • This is used to generate the TypeScript client API code from the backend OpenAPI schema
• npm run dev
  • This is used to serve the frontend assets to be consumed bydjango-webpack-loader and not to run the React application as usual, so don't worry if you try to check what's running on port 3000 and see an error on your browser
• Open a browser and go tohttp://localhost:8000 to see the project running

• poetry run celery --app={{project_name}} worker --loglevel=info

• Ensure that Redis is already installed on your system. Once confirmed, runredis-server --port 6379 to start the Redis server.
• If you wish to use Redis for Celery, you need to set theCELERY_BROKER_URL environment variable in thebackend/.env file toredis://localhost:6379/0.
  • The/0 at the end of the URL specifies the database number on the Redis server. Redis uses a zero-based numbering system for databases, so0 is the first database. If you don't specify a database number, Redis will use the first database by default.
  • Note: Prefer RabbitMQ over Redis for Broker, mainly because RabbitMQ doesn't need visibility timeout. SeeRecommended Celery Django settings for reliability.

• For development, we use Mailhog to test our e-mail workflows, since it allows us to inspect the messages to validate they're correctly built
  • Docker users already have it setup and running once they start the project
  • For non-Docker users, please have a lookhere for instructions on how to setup Mailhog on specific environments

    The project expects Mailhog SMTP server to be running on port 1025, you may alter that by changingEMAIL_PORT on settings

make test

Will run django tests using--keepdb and--parallel. You may pass a path to the desired test module in the make command. E.g.:

make test someapp.tests.test_views

To add a newbackend dependency, runpoetry add {dependency}. If the dependency should be only available for development user append-G dev to the command.

We use theDRF-Spectacular tool to generate an OpenAPI schema from our Django Rest Framework API. The OpenAPI schema serves as the backbone for generating client code, creating comprehensive API documentation, and more.

The API documentation pages are accessible athttp://localhost:8000/api/schema/swagger-ui/ orhttp://localhost:8000/api/schema/redoc/.

We use theopenapi-ts tool to generate TypeScript client code from the OpenAPI schema. The generated client code is used to interact with the API in a type-safe manner.

To enable Continuous Integration through Github Actions, we provide aproj_main.yml file. To connect it to Github you need to rename it tomain.yml and move it to the.github/workflows/ directory.

You can do it with the following commands:

mkdir -p .github/workflowsmv proj_main.yml .github/workflows/main.yml

This project comes with anrender.yaml file, which can be used to create an app on Render.com from a GitHub repository.

Before deploying, please make sure you've generated an up-to-datepoetry.lock file containing the Python dependencies. This is necessary even if you've used Docker for local runs. Do so by followingthese instructions.

After setting up the project, you can init a repository and push it on GitHub. If your repository is public, you can use the following button:

If you are in a private repository, access the following link replacing$YOUR_REPOSITORY_URL$ with your repository link.

• https://render.com/deploy?repo=$YOUR_REPOSITORY_URL$

Keep reading to learn how to configure the prompted environment variables.

Chances are your project name isn't unique in Render, and you'll get a randomized suffix as your full app URL like:https://{{project_name}}-a1b2.onrender.com.

But this will only happen after the first deploy, so you are not able to properly fillALLOWED_HOSTS yet. Simply set it to* then fix it later to something like{{project_name}}-a1b2.onrender.com and your domain name likeexample.org.

Default is 1, meaning the build script will run collectstatic during deploys.

Default is 1, meaning the build script will run collectstatic during deploys.

By default, the project will always run therender_build.sh script during deployments. This script does the following:

1. Build the frontend
2. Build the backend
3. Run Django checks
4. Runcollectstatic
5. Run Django migrations
6. Push frontend source maps to Sentry

As there aren't free plans for Workers in Render.com, the configuration for Celery workers/beat will be commented by default in therender.yaml. This means celery won't be available by default.

Uncommenting the worker configuration lines onrender.yaml will imply in costs.

To enable sending emails from your application you'll need to have a valid SendGrid account and also a valid verified sender identity. After finishing the validation process you'll be able to generate the API credentials and define theSENDGRID_USERNAME andSENDGRID_PASSWORD environment variables on Render.com.

These variables are required for your application to work on Render.com since it's pre-configured to automatically email admins when the application is unable to handle errors gracefully.

Media files integration with S3 or similar is not supported yet. Please feel free to contribute!

Sentry is already set up on the project. For production, addSENTRY_DSN environment variable on Render.com, with your Sentry DSN as the value.

You can test your Sentry configuration by deploying the boilerplate with the sample page and clicking on the corresponding button.

Therender_build.sh script has a step to push Javascript source maps to Sentry, however some environment variables need to be set on Render.com.

The environment variables that need to be set are:

• SENTRY_ORG - Name of the Sentry Organization that owns your Sentry Project.
• SENTRY_PROJECT_NAME - Name of the Sentry Project.
• SENTRY_API_KEY - Sentry API key that needs to be generated on Sentry.You can find or create authentication tokens within Sentry.

After enabling dyno metadata and setting the environment variables, your next Render.com Deploys will create a release on Sentry where the release name is the commit SHA, and it will push the source maps to it.

• At pre-commit time (see below)
• Manually withpoetry run ruff andnpm run lint on project root.
• During development with an editor compatible with ruff and ESLint.

• Not supported yet. Please feel free to contribute!

• On project root, runpoetry run pre-commit install to enable the hook into your git repo. The hook will run automatically for each commit.

Some settings defaults were decided based on Vinta's experiences. Here's the rationale behind them:

• Using atomic requests in production prevents several database consistency issues. CheckDjango docs for more details.

• Important: When you are queueing a new Celery task directly from a Django view, particularly with little or no delay/ETA, it is essential to usetransaction.on_commit(lambda: my_task.delay()). This ensures that the task is only queued after the associated database transaction has been successfully committed.

  • Iftransaction.on_commit is not utilized, or if a significant delay is not set, you risk encountering race conditions. In such scenarios, the Celery task might execute before the completion of the request's transaction. This can lead to inconsistencies and unexpected behavior, as the task might operate on a database state that does not yet reflect the changes made in the transaction. Read more about this problem onthis article.

• We believe Celery tasks should be idempotent. So for us it's safe to setCELERY_TASK_ACKS_LATE = True to ensure tasks will be re-queued after a worker failure. Check Celery docs on"Should I use retry or acks_late?" for more info.

Django-CSP helps implementing Content Security Policy (CSP) in Django projects to mitigate cross-site scripting (XSS) attacks by declaring which dynamic resources are allowed to load.

In this project, we have defined several CSP settings that define the sources from which different types of resources can be loaded. If you need to load external images, fonts, or other resources, you will need to add the sources to the corresponding CSP settings. For example:

• To load scripts from an external source, such ashttps://browser.sentry-cdn.com, you would add this source toCSP_SCRIPT_SRC.
• To load images from an external source, such ashttps://example.com, you would add this source toCSP_IMG_SRC.

Please note that you should only add trusted sources to these settings to maintain the security of your site. For more details, please refer to theDjango-CSP documentation.

If you wish to contribute to this project, please first discuss the change you wish to make via anissue.

Check ourcontributing guide to learn more about our development process and how you can test your changes to the boilerplate.

This project is maintained byVinta Software and is used in products of Vinta's clients. We are always looking for exciting work! If you need any commercial support, feel free to get in touch:contact@vinta.com.br