# Module 00: Project Setup & 3-Tier Architecture

**Difficulty**: ‚≠ê‚≠ê  
**Estimated Time**: 2 hours  
**Prerequisites**: Django basics, Python intermediate knowledge, command line familiarity

## Learning Objectives

By the end of this notebook, you will be able to:

1. **Understand 3-tier architecture** and how it maps to Django's MVT pattern
2. **Set up a production-ready Django project structure** with proper separation of concerns
3. **Implement a settings pattern** for multiple environments (dev, staging, production)
4. **Configure Docker** for local development with hot-reload
5. **Set up code quality tools** (black, isort, flake8, mypy) with pre-commit hooks
6. **Organize project files** following industry best practices

---

## Table of Contents

1. [Understanding 3-Tier Architecture](#1-understanding-3-tier-architecture)
2. [Django Project Structure](#2-django-project-structure)
3. [Settings Pattern for Multiple Environments](#3-settings-pattern)
4. [Docker Development Setup](#4-docker-development-setup)
5. [Code Quality Tools](#5-code-quality-tools)
6. [Summary & Next Steps](#summary)

---

## 1. Understanding 3-Tier Architecture

### What is 3-Tier Architecture?

3-tier architecture is a software design pattern that separates applications into three logical layers:

```
‚îå‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îê
‚îÇ     PRESENTATION LAYER                  ‚îÇ  
‚îÇ  (User Interface / API Interface)       ‚îÇ
‚îÇ  - Handle HTTP requests/responses       ‚îÇ
‚îÇ  - Input validation                     ‚îÇ
‚îÇ  - Response formatting                  ‚îÇ
‚îî‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îò
              ‚Üì ‚Üë
‚îå‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îê
‚îÇ     BUSINESS LOGIC LAYER                ‚îÇ
‚îÇ  (Application Logic)                    ‚îÇ
‚îÇ  - Business rules                       ‚îÇ
‚îÇ  - Data processing                      ‚îÇ
‚îÇ  - Transaction management               ‚îÇ
‚îî‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îò
              ‚Üì ‚Üë
‚îå‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îê
‚îÇ     DATA ACCESS LAYER                   ‚îÇ
‚îÇ  (Database Operations)                  ‚îÇ
‚îÇ  - CRUD operations                      ‚îÇ
‚îÇ  - Query optimization                   ‚îÇ
‚îÇ  - Data persistence                     ‚îÇ
‚îî‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îÄ‚îò
```

### Benefits of 3-Tier Architecture

1. **Separation of Concerns**: Each layer has a single, well-defined responsibility
2. **Testability**: Layers can be tested independently
3. **Maintainability**: Changes in one layer don't cascade to others
4. **Scalability**: Layers can be scaled independently
5. **Team Collaboration**: Clear boundaries enable parallel development
6. **Reusability**: Business logic can serve multiple interfaces (API, admin, CLI)

### Mapping 3-Tier to Django

Django uses MVT (Model-View-Template), but we'll organize it into 3-tier:

| 3-Tier Layer | Django Components | File Location |
|--------------|-------------------|---------------|
| **Presentation** | Views, Serializers, Templates, Forms | `views.py`, `serializers.py`, `templates/`, `forms.py` |
| **Business Logic** | Services, Selectors | `services.py`, `selectors.py` |
| **Data Access** | Models, Managers, QuerySets | `models.py`, `managers.py` |

In [None]:
# Example: 3-Tier Architecture in Django

# ===== DATA ACCESS LAYER (models.py) =====
from django.db import models
from django.contrib.auth.models import User

class Post(models.Model):
    """Data model - only data structure and simple properties."""
    title = models.CharField(max_length=200)
    content = models.TextField()
    author = models.ForeignKey(User, on_delete=models.CASCADE)
    created_at = models.DateTimeField(auto_now_add=True)
    status = models.CharField(max_length=20, default='draft')

    class Meta:
        db_table = 'posts'
        indexes = [
            models.Index(fields=['author', '-created_at']),
        ]


# ===== BUSINESS LOGIC LAYER (services.py) =====
from django.db import transaction
from typing import Optional

class PostService:
    """Business logic for posts - handles complex operations."""

    @staticmethod
    @transaction.atomic
    def create_post(*, author: User, title: str, content: str) -> Post:
        """Create a new post with business validation."""
        # Business rule: Users can't create posts with profanity
        if contains_profanity(title) or contains_profanity(content):
            raise ValueError("Content contains inappropriate language")

        # Business rule: Draft posts by default
        post = Post.objects.create(
            author=author,
            title=title,
            content=content,
            status='draft'
        )

        # Business logic: Notify followers
        notify_followers.delay(post.id)

        return post


# ===== PRESENTATION LAYER (views.py) =====
from rest_framework import status
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated

class PostCreateView(APIView):
    """API endpoint - thin controller that delegates to service layer."""
    permission_classes = [IsAuthenticated]

    def post(self, request):
        """Handle HTTP POST request."""
        # Input validation (presentation concern)
        serializer = PostCreateSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        # Delegate to business logic layer
        try:
            post = PostService.create_post(
                author=request.user,
                **serializer.validated_data
            )
        except ValueError as e:
            return Response(
                {'error': str(e)},
                status=status.HTTP_400_BAD_REQUEST
            )

        # Response formatting (presentation concern)
        return Response(
            PostSerializer(post).data,
            status=status.HTTP_201_CREATED
        )


# Helper functions (would be in utils or services)
def contains_profanity(text: str) -> bool:
    """Check if text contains profanity (simplified example)."""
    profanity_list = ['badword1', 'badword2']  # In reality, use a library
    return any(word in text.lower() for word in profanity_list)

def notify_followers(post_id: int):
    """Placeholder for Celery task."""
    pass

print("‚úì 3-Tier architecture example loaded")
print("\nKey takeaway: Views are thin, Services contain business logic, Models only handle data.")

### üí° Key Principles

**DON'T:**
- ‚ùå Put business logic in views (makes testing hard)
- ‚ùå Put business logic in models (violates single responsibility)
- ‚ùå Make views talk directly to multiple models (tight coupling)

**DO:**
- ‚úÖ Keep views thin - they should only handle HTTP concerns
- ‚úÖ Put business logic in service layer
- ‚úÖ Use selectors for complex read queries
- ‚úÖ Keep models focused on data structure and simple properties

---

## 2. Django Project Structure

### Industry-Standard Structure

Here's a production-ready Django project structure:

```
project_root/
‚îú‚îÄ‚îÄ manage.py
‚îú‚îÄ‚îÄ requirements/
‚îÇ   ‚îú‚îÄ‚îÄ base.txt           # Common dependencies
‚îÇ   ‚îú‚îÄ‚îÄ development.txt    # Dev-only tools
‚îÇ   ‚îú‚îÄ‚îÄ production.txt     # Production extras
‚îÇ   ‚îî‚îÄ‚îÄ testing.txt        # Test dependencies
‚îú‚îÄ‚îÄ config/                # Project configuration
‚îÇ   ‚îú‚îÄ‚îÄ __init__.py
‚îÇ   ‚îú‚îÄ‚îÄ settings/
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ __init__.py
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ base.py        # Common settings
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ development.py # Dev settings
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ staging.py     # Staging settings
‚îÇ   ‚îÇ   ‚îî‚îÄ‚îÄ production.py  # Prod settings
‚îÇ   ‚îú‚îÄ‚îÄ urls.py
‚îÇ   ‚îú‚îÄ‚îÄ wsgi.py
‚îÇ   ‚îî‚îÄ‚îÄ asgi.py
‚îú‚îÄ‚îÄ apps/                  # Django apps
‚îÇ   ‚îú‚îÄ‚îÄ users/
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ __init__.py
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ models.py      # Data layer
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ managers.py    # Custom managers/querysets
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ services.py    # Business logic
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ selectors.py   # Complex queries
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ views.py       # Presentation layer
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ serializers.py # API serializers
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ urls.py
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ admin.py
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ apps.py
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ exceptions.py  # Custom exceptions
‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ tests/
‚îÇ   ‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ __init__.py
‚îÇ   ‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ test_models.py
‚îÇ   ‚îÇ   ‚îÇ   ‚îú‚îÄ‚îÄ test_services.py
‚îÇ   ‚îÇ   ‚îÇ   ‚îî‚îÄ‚îÄ test_views.py
‚îÇ   ‚îÇ   ‚îî‚îÄ‚îÄ migrations/
‚îÇ   ‚îî‚îÄ‚îÄ posts/
‚îÇ       ‚îî‚îÄ‚îÄ (same structure)
‚îú‚îÄ‚îÄ static/                # Static files
‚îú‚îÄ‚îÄ media/                 # User uploads
‚îú‚îÄ‚îÄ templates/             # Global templates
‚îú‚îÄ‚îÄ tests/                 # Integration tests
‚îú‚îÄ‚îÄ docs/                  # Documentation
‚îú‚îÄ‚îÄ scripts/               # Utility scripts
‚îú‚îÄ‚îÄ .env.example           # Environment variables template
‚îú‚îÄ‚îÄ .gitignore
‚îú‚îÄ‚îÄ Dockerfile
‚îú‚îÄ‚îÄ docker-compose.yml
‚îú‚îÄ‚îÄ .pre-commit-config.yaml
‚îî‚îÄ‚îÄ pytest.ini             # Pytest configuration
```

### Why This Structure?

1. **`config/` instead of `project/`**: Clearer naming convention
2. **`apps/` directory**: Organize all Django apps in one place
3. **Split settings**: Environment-specific configurations
4. **Split requirements**: Install only what you need per environment
5. **`services.py` and `selectors.py`**: Explicit business logic layer
6. **`tests/` in each app**: Co-locate tests with code

In [None]:
# Let's create this structure programmatically
import os
from pathlib import Path

def create_project_structure(base_path: str = "demo_project"):
    """
    Create a production-ready Django project structure.

    Args:
        base_path: Root directory for the project
    """
    structure = {
        'requirements': ['base.txt', 'development.txt', 'production.txt', 'testing.txt'],
        'config': {
            '__init__.py': '',
            'settings': {
                '__init__.py': '',
                'base.py': '',
                'development.py': '',
                'staging.py': '',
                'production.py': '',
            },
            'urls.py': '',
            'wsgi.py': '',
            'asgi.py': '',
        },
        'apps': {
            'users': {
                '__init__.py': '',
                'models.py': '',
                'managers.py': '',
                'services.py': '',
                'selectors.py': '',
                'views.py': '',
                'serializers.py': '',
                'urls.py': '',
                'admin.py': '',
                'apps.py': '',
                'exceptions.py': '',
                'tests': {
                    '__init__.py': '',
                    'test_models.py': '',
                    'test_services.py': '',
                    'test_views.py': '',
                },
                'migrations': {'__init__.py': ''},
            }
        },
        'static': {},
        'media': {},
        'templates': {},
        'tests': {'__init__.py': ''},
        'docs': {},
        'scripts': {},
    }

    def create_structure(current_path: Path, structure: dict):
        """Recursively create directory structure."""
        for name, content in structure.items():
            path = current_path / name

            if isinstance(content, dict):
                # It's a directory
                path.mkdir(parents=True, exist_ok=True)
                create_structure(path, content)
            elif isinstance(content, list):
                # It's a list of files
                path.mkdir(parents=True, exist_ok=True)
                for file in content:
                    (path / file).touch()
            else:
                # It's a file
                path.parent.mkdir(parents=True, exist_ok=True)
                path.write_text(content)

    base = Path(base_path)
    base.mkdir(exist_ok=True)
    create_structure(base, structure)

    # Create root-level files
    (base / 'manage.py').touch()
    (base / '.env.example').touch()
    (base / '.gitignore').touch()
    (base / 'Dockerfile').touch()
    (base / 'docker-compose.yml').touch()
    (base / '.pre-commit-config.yaml').touch()
    (base / 'pytest.ini').touch()
    (base / 'README.md').touch()

    print(f"‚úì Project structure created at: {base.absolute()}")

    return base


# Create the demo structure
project_path = create_project_structure()

# Display the structure
def display_tree(path: Path, prefix: str = "", is_last: bool = True):
    """Display directory tree."""
    connector = "‚îî‚îÄ‚îÄ " if is_last else "‚îú‚îÄ‚îÄ "
    print(f"{prefix}{connector}{path.name}/" if path.is_dir() else f"{prefix}{connector}{path.name}")

    if path.is_dir():
        children = sorted(path.iterdir(), key=lambda p: (not p.is_dir(), p.name))
        for i, child in enumerate(children):
            is_last_child = i == len(children) - 1
            extension = "    " if is_last else "‚îÇ   "
            display_tree(child, prefix + extension, is_last_child)

print("\nüìÅ Project Structure:")
print("="*50)
display_tree(project_path)
print("="*50)

### üéØ Exercise 1: Identify Architecture Violations

Which of these code examples violate 3-tier architecture principles?

**Example A:**
```python
# views.py
def create_user(request):
    user = User.objects.create(
        email=request.POST['email'],
        password=request.POST['password']
    )
    Profile.objects.create(user=user)
    send_welcome_email(user.email)
    return JsonResponse({'id': user.id})
```

**Example B:**
```python
# views.py
def create_user(request):
    serializer = UserSerializer(data=request.data)
    serializer.is_valid(raise_exception=True)
    user = UserService.create_user(**serializer.validated_data)
    return Response(UserSerializer(user).data, status=201)
```

<details>
<summary>üí° Click for answer</summary>

**Example A violates 3-tier architecture:**
- ‚ùå Business logic in view (creating user + profile + email)
- ‚ùå Direct model access from view
- ‚ùå No input validation
- ‚ùå No transaction management
- ‚ùå Hard to test

**Example B follows 3-tier architecture:**
- ‚úÖ View only handles HTTP concerns (validation, response formatting)
- ‚úÖ Business logic in service layer
- ‚úÖ Proper separation of concerns
- ‚úÖ Easy to test each layer independently
</details>

---

## 3. Settings Pattern for Multiple Environments {#3-settings-pattern}

### Why Split Settings?

Different environments need different configurations:

- **Development**: DEBUG=True, SQLite, detailed error pages
- **Staging**: DEBUG=False, PostgreSQL, similar to production
- **Production**: DEBUG=False, PostgreSQL, strict security, caching

### Settings Structure

```
config/settings/
‚îú‚îÄ‚îÄ __init__.py          # Empty or imports based on ENV
‚îú‚îÄ‚îÄ base.py              # Common settings
‚îú‚îÄ‚îÄ development.py       # Dev-specific
‚îú‚îÄ‚îÄ staging.py           # Staging-specific
‚îî‚îÄ‚îÄ production.py        # Production-specific
```

In [None]:
# Example: config/settings/base.py
# This would be in a real Django settings file

BASE_SETTINGS = '''
"""
Base settings shared across all environments.
"""
import os
from pathlib import Path
import environ

# Build paths
BASE_DIR = Path(__file__).resolve().parent.parent.parent

# Environment variables
env = environ.Env(
    DEBUG=(bool, False),
    ALLOWED_HOSTS=(list, []),
    DATABASE_URL=(str, ''),
)
environ.Env.read_env(os.path.join(BASE_DIR, '.env'))

# Security
SECRET_KEY = env('SECRET_KEY')
DEBUG = env('DEBUG')
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')

# Application definition
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    # Third-party
    'rest_framework',
    'django_filters',
    'corsheaders',

    # Local apps
    'apps.users',
    'apps.posts',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'config.urls'
WSGI_APPLICATION = 'config.wsgi.application'

# Database - will be overridden in environment-specific settings
DATABASES = {
    'default': env.db('DATABASE_URL', default='sqlite:///db.sqlite3')
}

# Password validation
AUTH_PASSWORD_VALIDATORS = [
    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
]

# Internationalization
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True

# Static files
STATIC_URL = '/static/'
STATIC_ROOT = BASE_DIR / 'staticfiles'
STATICFILES_DIRS = [BASE_DIR / 'static']

# Media files
MEDIA_URL = '/media/'
MEDIA_ROOT = BASE_DIR / 'media'

# REST Framework
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 20,
}
'''

print("üìÑ Base Settings Example:")
print("="*60)
print(BASE_SETTINGS)
print("="*60)

In [None]:
# Example: config/settings/development.py

DEV_SETTINGS = '''
"""
Development-specific settings.
"""
from .base import *

# Debug mode ON for development
DEBUG = True
ALLOWED_HOSTS = ['localhost', '127.0.0.1', '0.0.0.0']

# Development database (SQLite for simplicity)
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': BASE_DIR / 'db.sqlite3',
    }
}

# Development-only apps
INSTALLED_APPS += [
    'django_extensions',   # shell_plus, runserver_plus
    'debug_toolbar',       # Debug toolbar
]

MIDDLEWARE += [
    'debug_toolbar.middleware.DebugToolbarMiddleware',
]

# Debug toolbar configuration
INTERNAL_IPS = ['127.0.0.1']

# Email backend - console for development
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

# CORS - allow all in development
CORS_ALLOW_ALL_ORIGINS = True

# Cache - dummy cache for development
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
    }
}

# Logging - verbose in development
LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'console': {
            'class': 'logging.StreamHandler',
        },
    },
    'root': {
        'handlers': ['console'],
        'level': 'DEBUG',
    },
}
'''

print("üõ†Ô∏è Development Settings Example:")
print("="*60)
print(DEV_SETTINGS)
print("="*60)

In [None]:
# Example: config/settings/production.py

PROD_SETTINGS = '''
"""
Production-specific settings.
"""
from .base import *

# Security - strict in production
DEBUG = False
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')

# Database - PostgreSQL for production
DATABASES = {
    'default': env.db('DATABASE_URL')
}
DATABASES['default']['ATOMIC_REQUESTS'] = True
DATABASES['default']['CONN_MAX_AGE'] = 600

# Security settings
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_HSTS_SECONDS = 31536000  # 1 year
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
X_FRAME_OPTIONS = 'DENY'

# CORS - specific origins only
CORS_ALLOWED_ORIGINS = env.list('CORS_ALLOWED_ORIGINS')

# Cache - Redis for production
CACHES = {
    'default': {
        'BACKEND': 'django_redis.cache.RedisCache',
        'LOCATION': env('REDIS_URL'),
        'OPTIONS': {
            'CLIENT_CLASS': 'django_redis.client.DefaultClient',
            'CONNECTION_POOL_KWARGS': {'max_connections': 50}
        }
    }
}

# Session - use cache
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'default'

# Email - real SMTP in production
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = env('EMAIL_HOST')
EMAIL_PORT = env.int('EMAIL_PORT', default=587)
EMAIL_USE_TLS = True
EMAIL_HOST_USER = env('EMAIL_HOST_USER')
EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD')

# Static files - use cloud storage
# AWS_ACCESS_KEY_ID = env('AWS_ACCESS_KEY_ID')
# AWS_SECRET_ACCESS_KEY = env('AWS_SECRET_ACCESS_KEY')
# AWS_STORAGE_BUCKET_NAME = env('AWS_STORAGE_BUCKET_NAME')
# STATICFILES_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'

# Logging - structured logging for production
LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'formatters': {
        'json': {
            'class': 'pythonjsonlogger.jsonlogger.JsonFormatter',
        },
    },
    'handlers': {
        'console': {
            'class': 'logging.StreamHandler',
            'formatter': 'json',
        },
    },
    'root': {
        'handlers': ['console'],
        'level': 'INFO',
    },
    'loggers': {
        'django.security': {
            'handlers': ['console'],
            'level': 'ERROR',
            'propagate': False,
        },
    },
}

# Celery - for background tasks
CELERY_BROKER_URL = env('CELERY_BROKER_URL')
CELERY_RESULT_BACKEND = env('CELERY_RESULT_BACKEND')
'''

print("üöÄ Production Settings Example:")
print("="*60)
print(PROD_SETTINGS)
print("="*60)

### How to Use Different Settings

```bash
# Development
export DJANGO_SETTINGS_MODULE=config.settings.development
python manage.py runserver

# Production
export DJANGO_SETTINGS_MODULE=config.settings.production
gunicorn config.wsgi:application
```

Or use environment variable in `.env`:
```
DJANGO_SETTINGS_MODULE=config.settings.development
```

### üéØ Exercise 2: Create .env.example

Create a `.env.example` file that documents all required environment variables.

<details>
<summary>üí° Click for solution</summary>

```bash
# .env.example
# Copy this to .env and fill in your values

# Django
DJANGO_SETTINGS_MODULE=config.settings.development
SECRET_KEY=your-secret-key-here-change-in-production
DEBUG=True
ALLOWED_HOSTS=localhost,127.0.0.1

# Database
DATABASE_URL=postgresql://user:password@localhost:5432/dbname

# Redis
REDIS_URL=redis://localhost:6379/0

# Celery
CELERY_BROKER_URL=redis://localhost:6379/0
CELERY_RESULT_BACKEND=redis://localhost:6379/0

# Email
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_HOST_USER=your-email@gmail.com
EMAIL_HOST_PASSWORD=your-app-password

# CORS
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:8000

# AWS (if using S3)
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_STORAGE_BUCKET_NAME=
```
</details>

---

## 4. Docker Development Setup {#4-docker-development-setup}

### Why Docker for Development?

1. **Consistency**: Same environment for all developers
2. **Isolation**: Don't pollute your system with dependencies
3. **Easy onboarding**: New developers just run `docker-compose up`
4. **Matches production**: Use same database, cache, etc.

### Docker Setup for Django

In [None]:
# Example: Dockerfile for development

DOCKERFILE = '''
# Dockerfile
FROM python:3.11-slim

# Set environment variables
ENV PYTHONUNBUFFERED=1 \\
    PYTHONDONTWRITEBYTECODE=1 \\
    PIP_NO_CACHE_DIR=1 \\
    PIP_DISABLE_PIP_VERSION_CHECK=1

# Set work directory
WORKDIR /app

# Install system dependencies
RUN apt-get update && apt-get install -y \\
    postgresql-client \\
    build-essential \\
    libpq-dev \\
    && rm -rf /var/lib/apt/lists/*

# Install Python dependencies
COPY requirements/base.txt requirements/development.txt ./requirements/
RUN pip install -r requirements/development.txt

# Copy project
COPY . .

# Run migrations and start server
CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
'''

print("üê≥ Dockerfile Example:")
print("="*60)
print(DOCKERFILE)
print("="*60)

In [None]:
# Example: docker-compose.yml for development

DOCKER_COMPOSE = '''
# docker-compose.yml
version: '3.9'

services:
  # PostgreSQL Database
  db:
    image: postgres:15-alpine
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: myproject_dev
      POSTGRES_USER: myproject
      POSTGRES_PASSWORD: devpassword
    ports:
      - "5432:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U myproject"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Redis Cache
  redis:
    image: redis:7-alpine
    ports:
      - "6379:6379"
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Django Application
  web:
    build:
      context: .
      dockerfile: Dockerfile
    command: python manage.py runserver 0.0.0.0:8000
    volumes:
      - .:/app  # Hot reload: changes reflect immediately
    ports:
      - "8000:8000"
    environment:
      - DJANGO_SETTINGS_MODULE=config.settings.development
      - DATABASE_URL=postgresql://myproject:devpassword@db:5432/myproject_dev
      - REDIS_URL=redis://redis:6379/0
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_healthy

  # Celery Worker
  celery:
    build:
      context: .
      dockerfile: Dockerfile
    command: celery -A config worker -l info
    volumes:
      - .:/app
    environment:
      - DJANGO_SETTINGS_MODULE=config.settings.development
      - DATABASE_URL=postgresql://myproject:devpassword@db:5432/myproject_dev
      - REDIS_URL=redis://redis:6379/0
      - CELERY_BROKER_URL=redis://redis:6379/0
    depends_on:
      - db
      - redis

volumes:
  postgres_data:
'''

print("üê≥ Docker Compose Example:")
print("="*60)
print(DOCKER_COMPOSE)
print("="*60)

print("\nüìù Usage:")
print("  docker-compose up -d          # Start all services")
print("  docker-compose logs -f web    # View Django logs")
print("  docker-compose exec web bash  # Shell into Django container")
print("  docker-compose down           # Stop all services")

### üéØ Exercise 3: Docker Commands

What commands would you use to:

1. Run migrations in Docker?
2. Create a superuser in Docker?
3. Access Django shell in Docker?
4. View logs from all containers?

<details>
<summary>üí° Click for solutions</summary>

```bash
# 1. Run migrations
docker-compose exec web python manage.py migrate

# 2. Create superuser
docker-compose exec web python manage.py createsuperuser

# 3. Django shell
docker-compose exec web python manage.py shell_plus

# 4. View all logs
docker-compose logs -f
```
</details>

---

## 5. Code Quality Tools {#5-code-quality-tools}

### Why Code Quality Matters

1. **Consistency**: Everyone writes code the same way
2. **Catch Bugs**: Find issues before they reach production
3. **Maintainability**: Easier to read and modify
4. **Team Efficiency**: Less time in code review debates

### Essential Tools

| Tool | Purpose | Example Issue |
|------|---------|---------------|
| **black** | Code formatting | Inconsistent indentation |
| **isort** | Import sorting | Random import order |
| **flake8** | Linting | Unused variables, long lines |
| **mypy** | Type checking | Wrong type passed to function |
| **bandit** | Security | SQL injection vulnerability |

In [None]:
# Example: .pre-commit-config.yaml

PRE_COMMIT_CONFIG = '''
# .pre-commit-config.yaml
repos:
  # Black - Code formatting
  - repo: https://github.com/psf/black
    rev: 23.12.1
    hooks:
      - id: black
        language_version: python3.11
        args: [--line-length=100]

  # isort - Import sorting
  - repo: https://github.com/PyCQA/isort
    rev: 5.13.2
    hooks:
      - id: isort
        args: [--profile=black, --line-length=100]

  # Flake8 - Linting
  - repo: https://github.com/PyCQA/flake8
    rev: 6.1.0
    hooks:
      - id: flake8
        args: [--max-line-length=100, --extend-ignore=E203]

  # mypy - Type checking
  - repo: https://github.com/pre-commit/mirrors-mypy
    rev: v1.7.1
    hooks:
      - id: mypy
        additional_dependencies: [django-stubs, djangorestframework-stubs]

  # Bandit - Security linting
  - repo: https://github.com/PyCQA/bandit
    rev: 1.7.5
    hooks:
      - id: bandit
        args: [-c, pyproject.toml]
        additional_dependencies: ["bandit[toml]"]

  # General hooks
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.5.0
    hooks:
      - id: trailing-whitespace
      - id: end-of-file-fixer
      - id: check-yaml
      - id: check-added-large-files
        args: [--maxkb=1000]
      - id: check-merge-conflict
      - id: detect-private-key
'''

print("üîß Pre-commit Configuration:")
print("="*60)
print(PRE_COMMIT_CONFIG)
print("="*60)

print("\nüìù Setup:")
print("  pip install pre-commit")
print("  pre-commit install")
print("  pre-commit run --all-files  # Run on all files")

### pyproject.toml Configuration

In [None]:
# Example: pyproject.toml

PYPROJECT_TOML = '''
# pyproject.toml
[tool.black]
line-length = 100
target-version = ['py311']
include = '\\.pyi?$'
exclude = '''
  /(
      \\.git
    | \\.venv
    | migrations
    | __pycache__
  )/
'''

[tool.isort]
profile = "black"
line_length = 100
skip_gitignore = true
known_first_party = ["config", "apps"]
sections = ["FUTURE", "STDLIB", "THIRDPARTY", "DJANGO", "FIRSTPARTY", "LOCALFOLDER"]
known_django = ["django", "rest_framework"]

[tool.mypy]
python_version = "3.11"
warn_return_any = true
warn_unused_configs = true
disallow_untyped_defs = false
disallow_incomplete_defs = true
check_untyped_defs = true
no_implicit_optional = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_no_return = true
warn_unreachable = true
strict_equality = true
plugins = ["mypy_django_plugin.main", "mypy_drf_plugin.main"]

[tool.django-stubs]
django_settings_module = "config.settings.development"

[tool.bandit]
exclude_dirs = ["tests", "migrations"]
skips = ["B101", "B601"]

[tool.pytest.ini_options]
DJANGO_SETTINGS_MODULE = "config.settings.testing"
python_files = ["test_*.py", "*_test.py"]
addopts = "-v --tb=short --strict-markers --cov=apps --cov-report=html"
markers = [
    "slow: marks tests as slow (deselect with '-m \"not slow\"')",
    "integration: marks tests as integration tests",
]
'''

print("‚öôÔ∏è Pyproject.toml Configuration:")
print("="*60)
print(PYPROJECT_TOML)
print("="*60)

### üéØ Exercise 4: Fix Code Quality Issues

This code has multiple quality issues. Identify them:

```python
import os
from django.db import models
import json
from rest_framework import serializers

class User(models.Model):
    name=models.CharField(max_length=100)
    email=models.EmailField()
    
    def get_data(self):
        data={"name":self.name,"email":self.email}
        return json.dumps(data)
```

<details>
<summary>üí° Click for issues and fixes</summary>

**Issues:**
1. ‚ùå **isort**: Imports not sorted (Django imports should be grouped)
2. ‚ùå **black**: No spaces around `=` in class attributes
3. ‚ùå **black**: No spaces in dictionary
4. ‚ùå **flake8**: Unused import `serializers`
5. ‚ùå **mypy**: Missing type hints

**Fixed version:**
```python
import json

from django.db import models


class User(models.Model):
    name = models.CharField(max_length=100)
    email = models.EmailField()

    def get_data(self) -> str:
        """Return user data as JSON string."""
        data = {"name": self.name, "email": self.email}
        return json.dumps(data)
```
</details>

---

## Summary & Next Steps {#summary}

### What We Covered

‚úÖ **3-Tier Architecture**: Separation of Presentation, Business Logic, and Data layers  
‚úÖ **Project Structure**: Industry-standard Django project organization  
‚úÖ **Settings Pattern**: Environment-specific configurations (dev, staging, prod)  
‚úÖ **Docker Setup**: Containerized development environment  
‚úÖ **Code Quality**: Automated tools for consistent, high-quality code  

### Key Takeaways

1. **Separate concerns** - Keep views thin, services fat, models focused
2. **Use environment-specific settings** - Never hardcode configuration
3. **Containerize everything** - Docker ensures consistency
4. **Automate quality checks** - Pre-commit hooks catch issues early
5. **Follow conventions** - Standard structure helps team collaboration

### Next Module Preview

**Module 01: Data Layer - Models, Managers & Database Design**

We'll dive deep into:
- Efficient database schema design
- Custom Managers and QuerySets
- Database optimization (indexes, constraints)
- Zero-downtime migrations
- PostgreSQL-specific features

### Additional Resources

- [Django Documentation](https://docs.djangoproject.com/)
- [Two Scoops of Django](https://www.feldroy.com/books/two-scoops-of-django-3-x)
- [12-Factor App](https://12factor.net/)
- [Django Best Practices](https://django-best-practices.readthedocs.io/)

---

### üéØ Final Exercise: Set Up Your Project

**Task**: Create a production-ready Django project with everything we learned:

1. Create project structure with `config/` and `apps/`
2. Set up split settings (base, development, production)
3. Create `docker-compose.yml` with PostgreSQL and Redis
4. Configure pre-commit hooks
5. Create `.env.example` documenting all environment variables
6. Initialize git repository and make first commit

**Bonus**: Add a simple `users` app with service layer pattern!

---

**Congratulations!** üéâ You've completed Module 00 and established a solid foundation for production Django development. In the next module, we'll build on this foundation with advanced database patterns.

**Ready to continue?** Open `01_data_layer_models_managers.ipynb`