DSW-Unit 4-Web Fundamentals
Summary
Deeper introduction to Flask Web Framework, and MVC-based web applications, intro to cloud deployment
Topics
- Additional Python Web App Practice
- Model/View/Controller design pattern
- Sessions
- Cookies
- Templates
- Simple use of Bootstrap for common navigation
- Simple cloud deployment via Heroku
- CSRF vulnerability and how to protect against it
- Managing environment variables locally (for CSRF protection secret)
- Accessing environment variables in Python code
- Managing environment variables in Python
- Using .gitignore to protect secret values
- Setting environment variables in Heroku app
Learning Objectives
- Student will be able to explain the role of Model, View and Controller in an MVC web application
- Student will be able to explain the concept of a session in a web application
- Student will be able to explain how cookies relate to sessions
- Student will be able to write Python code to operate on sessions (create/read value/update value/destroy) in a Flask web application
- Student will be able to use a bootstrap template to implement consistent page design with common navigation and footers for a simple multi-page web application
- Student will be able to deploy a simple website to the Heroku free tier
- Student will be able to explain the CSRF vulnerability and how setting an application secret helps to mitigate the risk
- Student will be able to use environment variables to set up an application secret for CSRF protection
- Student will be able to explain how a .gitignore protects the value of the application secret from being exposed via github
- Student will be able to explain how to set an application secret on a Heroku deployment