I am trying to build a conversational form with Django.
It will be used in landing page. The form questions will be loaded one by one as user answers them. And there will be some greeting and "human-way" responses to user input (such as "wow! you did a good choice!" after user selects one of the choices from form). The experience and look of the app will be like a real-time chat but user can only select one of the choices from form or upload a file/image.
1. Which technology is better to use for it? I am planning to do it with Fetch.
2. Since I want it to work without page reloading, how do I need to load Django forms through Fetch? Do I need to pass elements of it with JSON and construct it in client-side or can I just pass it as an html with {{form.as_p}} and display it in HTML?
Does these options make difference in matter of security?
I do not know anything about Fetch, but anyway I think it must be constructed clientside, but at first I would simply display the form in a template to get the ids of its fields and then use it in clientside code.
What about security - you'll need to pass the csrf token via your form.
Related
New to Django here. I have a link to a form in DJango. I use the CreateView to have the user enter the initial information. It all works great and the data is accurately saved to the database. My issue is this: I would like that same link to open the form (it's a one-to-one relationship) with the filled data so the user can see what they have previously entered and correct, edit or update as needed. The form currfently opens as a blank form so if the user has entered that information previously they are unable to see it. I cave researched get_or_create and update_or_create as well as a number of other topics, but can't seem to figure this out. This needs to be a user-friendly experience so multiple entires or clicking multiple buttons to access the data is not an option. How best can I implement this?
#Don you can checkout django formsets, I think this will help in this situation. And you can use a single FormView for all your needs by overriding its methods.
Have you looked at Django Sessions. It’s a simple way of saving session data and passing the data to future requests. https://docs.djangoproject.com/en/3.0/topics/http/sessions/. I. In your form view you cloud save the session data you want to pass to your next form. In your next form, you could use the session data as default values. I’ve done something similar in the past.
Consider a very simple dashboard application in Django. It has 2 models:
Page
Widget
Naturally, Page and Widget have a ManyToMany relationship.
Like any good dashboard implementation, the designers can change 3 things in a widget:
Data source that drives the widget
Placement of widget on the Page
Presentation of Data inside a widget
The Data is specified using a URL field in the Widget and is being served by a REST API based on Django REST Framework with the django-filter backend.
The Placement on the Page is catered using the excellent Gridster.
This leaves the Presentation part. I have two possible solutions:
Attach a template TextField with the Widget. Data will be fetched from web services in JSON format and rendered according to the template (handlebars) defined in Widget on the client side.
Pass the template name as query string in the URL to the REST API and render the Data using the user-specified template.
Now that the context is clearly defined (hopefully), following are my questions:
Is there any way I can choose the first solution and still be able to use the automatic forms generated by the DRF Serializers?
If not, and I choose the second solution, are there any potential pit-falls regarding security, code maintenance, code quality, testing and the like? Why have I not seen anyone else doing this i.e. letting the user select the template via query string?
Is there any other solution that I am missing?
Your first options seems most promising: fetch the data as JSON and insert it into templates on the client. All good.
So can you do that "and still be able to use the automatic forms generated by the DRF Serializers"? — Short answer, it depends what you mean by "automatic forms".
Serializers take a data dictionary, validate it and (for ModelSerializer subclasses) convert it into a (model) object instance for you. If by "automatic forms" you mean will you still be able to this validation behaviour, then the answer is yes. Create your JSON payload on the client and send an appropriate HTTP request to the API. Django Rest Framework's Serializers will work as expected.
If (though) by "automatic forms" you mean will you still be able to use the HTML forms that DRF provides in its web broweasble API, then the answer is no. The browseable API is built around an HTML renderer returning entire web pages. These include a pretty-printed representation of the JSON you'll be using as well as the web-forms that, on this assumption, you're interested in.
If you go this route you'll need to generate the forms on the client, using whatever model, view, template and binding features your chosen library (libraries?) offer(s).
I hope that helps. Good luck.
i have an add_form under my django app. i want to add a feature this form which is saving form automatically after user starts to type.
like in gmail , or blogger.
what are the steps i should follow? which way or plugin? and how to use them?
any knowlenge can help me.thank you.
There's two useful jquery plugins to get you started
https://github.com/BenGriffiths/jquery-save-as-you-type which saves what you type locally to a cookie client-side. Using this plugin is simpler and you will only need to actually save into your django backend when the user hits your form's "save" button.
and
https://github.com/nervetattoo/jquery-autosave which requires that you set up an intermediary model (perhaps a Draft model) in django to keep track of updates along the way. And when the user finally hits save, a final copy of the data is then saved into the actual model.
I've got several forms in my django app that require support for attachments. Each form instance may have any number of attachments, including none. I want to present a jQuery based upload widget for managing these uploads, allowing the uploads to be processed asynchronously. The attachments are stored in their own model, so there is then a many-to-many from the attachments model to each model that requires attachments. When an attachment is sucessfully uploaded and processed, the view handling the upload will return the id in the attachments model, which will then be inserted into a hidden field on the form. I'm currently trying to decide how best to represent this in the form.
One method would be to simply have a single hidden input which takes a comma separated list of ids. This would then require quite a lot of manual processing and validation on submission, which I can't help feeling could be avoided.
Elsewhere, I've used a HiddenInput for a single value where I'm doing something similar and dynamically adding items to the related model in the form. I can't however see how I can extend this directly to a Many to Many from a simple Foreign Key.
Anyone able to suggest the best way to go about doing this?
Try to use formsets or model_formsets to create a form for creating/editing multiple objects, also you can use javascript to add forms dynamically in your browser.
I have an HTML form in my Django web application (NOT implemented using Django forms) that does POST request.
Now I want to implement a feature so that other web apps, not necessarily django, from different domains, can send some data to my application and get redirected to the web page with this form, partially filled with that data (the data can be JSON).
Besides redirecting, after the user clicks submit on my form, I would also want to send a message to the other server with some short text information.
I am not sure what is the best way to implement this. REST interface like Piston?
Could you give me some general directions I should follow?
You should create a view that handles the POST data from the form and the external web apps.
You should be able to check whether the data you are getting in the view is coming from your site or another by checking request.META['HTTP_REFERER'].
If it is from your site, you can just handle the form as you usually would.
However if it is from an external site, you would instead render the template with the form in it. You can put the information you got from the external site into the context, so you can pre-fill the form in the template.
You should also include a flag in the form to say that this was from an external site, something like:
<input type="hidden" name="external_site_url" value="{{ external_site_url }}">
After that form is submitted, you can check for the existence of external_site_url. If it exists you can then send the message to the other server.
Note, because you want other apps to use your view, you'll have to disable CSRF protection on the view (https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#csrf-protection-should-be-disabled-for-just-a-few-views).
Also, by allowing other apps to use your view, you are opening yourself up to a lot of possible attacks. Be very careful with input validation and only give the view the ability to do the things it really needs -- you don't want an external app to be able to delete entries in your database for example.