In this article, we have present the different web frameworks available in Python Programming Language and explained the strength and weakness of each along with the use-cases. This will help you to judge which Python Web Framework to use in your project.
Table of contents:
- Introduction to Web Frameworks
- Full Stack Frameworks in Python
- Micro Frameworks in Python
Introduction to Web Frameworks
A web framework is a collection of modules or packages that allows developers write web applications faster while abstracting the low level details such as process/thread management, sockets. A web framework provides a consistent, uniform and logical application structure, diminishes the coding time by letting developers focus building the solution(web application) instead of the general routine processes.
Python is an interpreted, object oriented and high level programming language with an easy to learn syntax that emphasizes readability. Python isn't only a programming language of choice for data scientists but also for web developers. Web developers can now write production scale and secure web applications using python with the aid of python web frameworks.
In the following sections, we shall explore the following python web frameworks.
There are basically two types of web frameworks
- Full Stack Frameworks
- Micro Frameworks
Full Stack Frameworks in Python
Web applications tend to share certain requirements i.e CRUD (Create, Read, Update, Delete). To reduce the overhead in setting up a web application, these kind of frameworks ship with template engines, storage mechanisms, request dispatchers, an application server, authentication modules either as individual components or built into the framework.
Examples of Full Stack Frameworks
Django is an open source web framework that was originally developed at World Online, the web department of a newspaper in Lawrence, Kansas, USA. It is distributed under the 3-clause BSD license.
No doubt, It is indeed the web framework for perfectionists(with deadlines). By adhering to the DRY(Dont Repeat Yourself) priniciple, django lets developers focus on the bigger picture without being bogged down by the low level details.
Django takes the security of web applications seriously, applications powered by django are protected from a couple of common security vulnerabilities such as XSS (Cross Site Scripting), CSRF(Cross Site Request Forgery), SQL injection. Django provides support for a range of database storages - MySQL, SQLite, PostgreSQL, Oracle.
Pros of Django
Resources for learning about django are quite prevalent on the internet. Besides the official documentation, there are plenty of books, articles that can get you up to speed.
Django comes packed with protection against common security web vulnerabilities such as SQL injection, Cross Site Request Forgery(CSRF).
Django is not stringent to any type of web application. It can be used to build social networks, content management systems.
When you use django, with you, is a large and supportive community. And in situations when your application becomes erroneous, you have the community to help you out.
Cons of Django
It is so feature rich.
The plethora of features that come with django poses some limitations - unsuitable for small projects, too broad to learn.
When to use Django
- Developing REST APIs.
- Developing large projects with strict deadlines
- Projects that are likely to scale up and become complex in the future.
- Building secure projects with authorization.
Examples of applications powered by django
According to the co-founders of Instagram, django was adopted because it was super easy to setup i.e You find almost everything within.
What started as a teaching tool inspired by django turned into a robust and professional framework with a great community behind it. One notable feature of this framework is the web based IDE. Creating, modifying, administration and deployment of the web application can be fully done right inside your browser. It is devoid of installation and configuration requirements to the extent of carrying out around on your pen drive.
Pros of web2py
It supports a wide range of database storages with newer ones frequetly added. - MongoDB, FireBird, SQlite, MySQL, Oracle Cubid, etc
Ease of use.
The web based IDE provides a friendly and an intutive interface for setting up, developing and deploying web applications.
It can render templates in a range of output formats, templates can be HTML, RSS, XML, JSON, PDF etc.
One click deployment
No installations and configurations.
Can run multiple websites in one.
Cons of web2py
URL routing is based on a controller file ie default.py and functions defined in the controller file ie default/index will call index() function in the default.py file. In that manner, route naming is so dependent on file naming rules and thus, we might end up with non RESTFUL urls.
It has its own Database Abstraction Layer, template language(not actually a template language rather wrappers around HTML elements and pyhon control structures), and for developers migrating from another framework, it might seem like an alien environment.
When to use web2py
- Large projects that can host one more than one application in one big application.
- When developing for a range of database storages.
- Developing secure monolith server side rendered applications with various rendering formats.
Examples of applications powered by web2py
- Sahana Eden Humanitarian Management Platform
Micro Frameworks in Python
Sometimes, you might not really need all the features offered by full stack frameworks or, a certain requirement demands for a particular package which your full stack framework doesn't provide any means to plug it in, micro frameworks come to the rescue.
They are minimalistic in feature sense - they might include a template engine or not, they might not include an ORM(Object Relation Mapper), form validaton. With this intentional deficiency in shipped features comes greater flexibility. Developers have the freedom to choose the tools(third party) of their preference to fill in the requirement gaps of their applications.
The word 'micro' doesn't imply incapability or lacking in potential or features, it simply implies extensibility - micro frameworks can be everything you need and nothing you don't.
Examples of micro frameworks
This is one of the most pouplar micro frameworks inspired by Sinatra Ruby framework and based on the Werkezug WSGI and Jinja template engine. Flask doesn't include a Database Abstraction Layer or an ORM(Object Relation Mapper), form validation. You might percieve this as a sign of lacking in functionality. The opposite is true, flask is very extensible and what you might percieve as a deficiency in functionalities are basically choices left for you to make.
Pros of Flask
You don't have to search every nook and cranny for help about flask. Besides the official documentation, there are plenty of tutorials, articles and books about flask on the internet to get you up to speed.
Chances are high, the functionality you need in your application has already been provided as an extension. However, if there isn't any extension for your requirement, you can build your own.
Cons of Flask
With each extension added to the web application, It introduces the extension's dependencies into the project. And not to mention, some extensions may cease to be maintained in the future.
A 'bare'(without any extensions) flask installation only offers protection against Cross Site Scripting (XSS). Vulnerabilities can also be introduced through extension packages.
With such abundancy of extensions, it might delay application development as developers have to learn how to use the extensions.
When to use Flask
- Working on smaller projects
- Developing applications that demand for flexibility i.e using a variety of packages.
- Create static websites and rapid prototypes.
Applications powered by Flask
This is a fast and lightweight micro framework distributed as a single file with the Python Standard Library as its only dependency. It includes minimal features such as URL routing, Utilities(For working with headers, forms, etc), templates, and a development server. However, it can be extended with plugins e.g You can add an ORM by installing Bottle-SQLAlchemy plugin.
Pros of Bottle
Literally, It doesn't have any dependencies.
Cons of Bottle
Only suitable for small applications
There are only a handful of plugins available for this framework, implying an extra load on the developer's side to write their own plugins.
The freedom around the application structure(what should go where) might breed poorly structured and unmaintainable applications.
When to use Bottle
- Building simple web applications. The Bottle FAQs page explicitly advises developers to go for full stack frameworks when developers when developing complex applications.
- Fast Prototyping
Applications powered by Bottle
- Hanging Hyena - Puzzle and Game Site
If you are an OOP(Object Oriented Programming) fanatic, surely, this will be your choice. Besides the OOP syntax, this framework comes with a production ready server. It doesn't include any storage facilities, template engines, form facilities. However these intentionally lacking features can be provided by plugins.
Consider the following Hello World application
import cherrypy class HelloWorld(object): @cherrypy.expose def index(self): return "Hello world!" if __name__ == '__main__': cherrypy.quickstart(HelloWorld())
Even without having gone through the CherryPy docs, the code above is very succinct.
Pros of CherryPy
It is very easy to learn. It is more of python than CherryPy framework.
Thinkng in terms of objects encourages isolation, encapsulation thus producing maintainable code.
The framework is mature(first release in 2002) and highly stable.
It comes with a production ready server. Besides that, there are a number of CherryPy application hosting providers such as webfaction run by the CherryPy inventor.
Error handling in streamed responses is a responsibility of the server and not the application.
Doesn't come with any protection against common web security vulnerabilities. Security measures suchas setting particular headers like X-FRAME-OPTIONS, CONTENT-SECURITY-POLICY should be done manually by the developer.
When to use CherryPY
- When building small scale applications that require rapid development.
- Builing fast prototypes
Applications powerred by CherryPy
- Learnit Training
- Aculab Cloud
- fight watch
Summary of python web frameworks
|Django||Named after a jazz manouche guitarist Django Reinhardt. The framework follows a DRY(Don't Repeat Yourself) approach allowing developers to focus on developing the application. Django comes with a grand number of features and inherenly supports a plethora database storages.||Secure, Fast development, Database schema migrations, Authentication support, URL routing.|
|Dash||An open source web framework for building analytical web applications. It is ideal for data scientists that aren't really into the intricacies of traditional web applications.||URL routing, Decouples frontend and backend, Plugin support.|
|aiohttp||Asynchronous framework that relies on async and await features introduced in python 3.5+. It comes with server and client implementations.||Signals, middleware support, pluggable routing|
|Bottle||A fast, simple and lightweight WSGI micro web framework for python. This framework is distributed as single file and literally has no dependencies as its only dependency being the Python Standard Library.||No dependencies, Plugin support, builtin development server|
|CherryPy||A fast and reliable object oriented framework that follows a minimalistic approach. It comes with a production ready server and applications powered by CherryPy can deployed anywhere as regular python applications.||Production ready server, Flexible plugin system, Highly customizable, Runs on android, Built-in tools for caching, encoding, sessions, authentication, static content, and many more.|
|CubicWeb||An open source and semantic web framework that follows object oriented design and reusable components. CubicWeb applications are composed of cubes - A cube is a component which includes a model which defines some data types and views to display the data.||Reusable components, Simplified queries with Relational Query Language(RQL)|
|Falcon||Falcon is a blazingly fast micro web framework for building robust web application backends and micro services. It can compile with cython if available making its request-response cycle fast. It's worthy mentioning that some notable tech companies like LinkedIn, Paypal e.t.c are using Falcon.||Fast, Reliable, Extensible|
|Tornado||An Asynchronous networking library and web framework originally developed at FriendFeed. Tornado can scale up to heavy load traffic(tens of thousands of requests) and this makes it ideal for long polling and Web sockets.||Scales up pretty well, Web templating support, User authentication support|
|TurboGears||A web framework that can be both a micro framework and full stack framework. The framework aims to surpass the limitations of the next generation web frameworks like Django, Rails.||Designer friendly template system, Built in extensibility Pluggable Applications, Supports sharding.|
|Flask||Flask is one of the most popular micro frameworks. Inspired by Sinatra Ruby framework and comes with sensible defaults and on top of that, Flask is fully extensible through community maintained extensions to provide extra functionality.||Flexible, Jinja2 templating, Unit testing support, Inbuit development server|
|Web2Py||Free open source full-stack framework for rapid development of fast, scalable, secure and portable database-driven web-based applications.||Batteries included, Web based IDE, Extensible docs.|