| published by | Tim Schilling |
|---|---|
| in blog | Better Simple |
| original entry | Lunch Talk Series: An Opinionated Guide to Modern Django Forms |
This iteration of the Lunch Talk Series will be covering John Thomas’ formative DjangoCon US talk, “An Opinionated Guide to Modern Django Forms”.
You should watch this if:
Josh begins the talk by explaining what forms are, their history in Django and the various components of them. And as he puts it, “the form library is kind of complicated”. Which 100% agreed Josh. Every time I dig in, I’m having to sort out which thing I need to use for what.
The next part of the talk is leveling up your Django forms. In this part, he goes through a basic HTML form and progressively adds more and more functionality and logic to it. By the end, it operates like a modern web app with real-time validation of inputs and modern styling via Tailwind. By the end, you have an understanding of the current state of Django forms and have insights into the broader ecosystem around forms and component libraries.
I appreciate Josh’s approach here because he shows the composability of Django and how gracious he is towards other developers and libraries. There is constant acknowledgement of the work and effort of others which is great to see.
My takeaway from this talk is that there’s still more for me to learn about modern Django forms. I’ve done a few deep dives recently, but it seems there’s even more to learn. Specifically, as_field_group, I have yet to use that and it seems pretty neat.
If you watch the talk and are wondering why Josh’s approach should not be used in production, it’s because the HTMX validation is submitting the request as a GET rather than a POST. Since the form is validating the two passwords, this means the passwords are sent in the query string which any server that the request hits will have that in their logs. To make this production capable, the request should be made as a POST using hx-post so that the fields are encrypted in the body of the request.