# **CSE 309 - Final Solve - Spring 2023**

## **Question 1 & 1 (OR)**

[![image.png](https://i.postimg.cc/SxvBvycX/image.png)](https://postimg.cc/zyT2LYt5)

## **1.**

### **a. Explain Django architecture with an appropriate diagram:**

Django follows the **Model-View-Template (MVT)** architectural pattern. Here's an explanation of its components and workflow:

1. **Model**: Represents the database schema and business logic. It defines the data structure and provides methods to interact with the database.
2. **View**: Acts as a bridge between the Model and Template. It contains logic to process user requests, fetch data from the model, and send it to the template for rendering.
3. **Template**: Handles the presentation layer. It renders HTML with dynamic data passed by the view.
4. **Django ORM**: The Object-Relational Mapping (ORM) allows interaction with databases using Python code instead of SQL.
5. **Middleware**: Processes requests and responses globally before reaching the views or after leaving them.
6. **URL Dispatcher**: Maps URLs to the corresponding view functions.

##### **Django Architecture Diagram**:

```plaintext
Client (Browser)
    ↓
HTTP Request
    ↓
URL Dispatcher (urls.py)
    ↓
View (views.py) → Middleware
    ↓
Model (models.py) ↔ Database
    ↓
Template (templates/)
    ↓
HTTP Response
```

---

### **b. Define static files and explain their uses:**

**Static files** are files that do not change frequently and are used to enhance the appearance and functionality of a web application. Examples include CSS, JavaScript, and image files.

##### **Uses**:
1. **Styling**: CSS files are used to style the web pages for a better user interface.
2. **Client-side Interaction**: JavaScript files enable dynamic and interactive behavior in web pages.
3. **Media**: Images, fonts, and other media are served as static resources for content delivery.

In Django, static files are managed using the `STATICFILES_DIRS` and `STATIC_URL` settings.

---

## **1.OR**

### **a. Explain the Django project directory structure:**

A Django project typically consists of the following structure:

```plaintext
myproject/
    manage.py
    myproject/
        __init__.py
        settings.py
        urls.py
        asgi.py
        wsgi.py
    app1/
        migrations/
        __init__.py
        admin.py
        apps.py
        models.py
        tests.py
        views.py
        templates/
        static/
```

##### **Explanation**:
- **Outer `myproject/`**: The root directory containing the project.
  - **`manage.py`**: A command-line utility for managing the project.
- **Inner `myproject/`**: The main project package.
  - **`settings.py`**: Contains project settings like database configuration, installed apps, etc.
  - **`urls.py`**: Maps URLs to views.
  - **`asgi.py` and `wsgi.py`**: Entry points for ASGI and WSGI servers.
- **`app1/`**: Represents an individual app with its specific functionality.
  - **`models.py`**: Defines the database schema.
  - **`views.py`**: Contains logic for handling HTTP requests.
  - **`templates/`**: Houses HTML files for the app.
  - **`static/`**: Stores static files like CSS and JavaScript.

---

### **b. Define Cookies and explain limitations of Cookies:**

**Cookies** are small pieces of data stored on the client’s browser. They are used to remember user information between requests.

##### **Uses**:
1. **Session Management**: To maintain login states and track user sessions.
2. **Personalization**: Storing user preferences like themes or language settings.
3. **Tracking**: Recording user activity for analytics.

##### **Limitations**:
1. **Storage Size**: Cookies are limited to 4KB of data.
2. **Security Risks**: Cookies can be intercepted or manipulated if not secured properly (e.g., without HTTPS or HttpOnly flags).
3. **Browser Dependency**: Users can disable cookies, limiting their functionality.
4. **Performance**: Excessive or poorly managed cookies can slow down the browser due to repeated transmission with each request.

## **Question 2**

[![image.png](https://i.postimg.cc/QdCZX6DW/image.png)](https://postimg.cc/KR6HfDRZ)

### **a. How Django Handles User Authentication and Authorization**

Django provides a robust authentication and authorization system out of the box. The process is broken down into two parts:

1. **Authentication**: Verifying the identity of a user (e.g., via login).
2. **Authorization**: Determining the permissions a user has for specific actions or resources.

#### Key Components of Authentication and Authorization in Django:
1. **Authentication Framework (`django.contrib.auth`)**:
   - Provides user management (e.g., `User` model).
   - Handles login, logout, password management, and session tracking.

2. **Authorization Framework**:
   - Provides permission management via models like `Permission` and `Group`.
   - Integrates with Django's ORM to define and enforce permissions.

3. **Middleware**:
   - The `AuthenticationMiddleware` associates the user with the current session.

4. **Backend System**:
   - Django uses authentication backends (e.g., `ModelBackend`) to validate credentials.

#### Example Program for Authentication and Authorization:
```python
# views.py
from django.shortcuts import render, redirect
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse

# User Login View
def user_login(request):
    if request.method == 'POST':
        username = request.POST['username']
        password = request.POST['password']
        user = authenticate(request, username=username, password=password)  # Authentication
        if user is not None:
            login(request, user)  # Logging in the user
            return redirect('dashboard')
        else:
            return HttpResponse("Invalid credentials")
    return render(request, 'login.html')

# User Dashboard (Requires Authentication)
@login_required
def dashboard(request):
    return HttpResponse(f"Welcome {request.user.username}! You are authenticated.")

# User Logout View
def user_logout(request):
    logout(request)
    return HttpResponse("You have been logged out.")
```

#### Explanation:
1. `authenticate()` validates the user credentials against the database.
2. `login()` associates the user with the current session.
3. `@login_required` ensures the `dashboard` view is accessible only to authenticated users.
4. `logout()` clears the session data and logs the user out.

---

### **2b. Building Custom Middleware in Django**

Middleware in Django is a way to process requests and responses globally before they reach the view or after the view has processed them. Custom middleware is useful for logging, request filtering, or modifying responses.

#### Steps to Create Custom Middleware:
1. Create a Python class that implements the middleware.
2. Implement one or more of the middleware hooks (`process_request`, `process_response`, etc.).
3. Register the middleware in the `MIDDLEWARE` setting.

#### Example: Logging Middleware
Here’s an example middleware that logs the path and method of every incoming request.

```python
# my_middleware.py
class LoggingMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # Log request details
        print(f"Request Path: {request.path}, Method: {request.method}")

        # Process the request
        response = self.get_response(request)

        # Log response details
        print(f"Response Status Code: {response.status_code}")

        return response
```

#### Explanation:
1. `__init__(self, get_response)`:
   - Initializes the middleware.
   - `get_response` is the next layer in the middleware stack.
2. `__call__(self, request)`:
   - Processes the request and calls `get_response` to get the response.
3. Logs the request's path and method before the view is executed, and logs the response's status code afterward.

#### Registering the Middleware:
Add the middleware to `settings.py`:
```python
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.middleware.common.CommonMiddleware',
    # Your custom middleware
    'my_project.my_middleware.LoggingMiddleware',
]
```

#### Testing the Middleware:
1. Run the server.
2. Access any endpoint.
3. Observe logs in the console.

By understanding Django's built-in authentication and middleware creation, developers can customize and extend functionality efficiently.

## **Question 3**

[![image.png](https://i.postimg.cc/MZyStPqy/image.png)](https://postimg.cc/WtbC17D3)

```html
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
        <title>Number Validation</title>
        <style>
            body {
                font-family: Arial, sans-serif;
                display: flex;
                justify-content: center;
                align-items: center;
                height: 100vh;
                margin: 0;
                background-color: #f4f4f4;
            }
            .container {
                text-align: center;
                background: #fff;
                padding: 20px;
                border-radius: 8px;
                box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
            }
            input {
                padding: 8px;
                font-size: 16px;
                border: 1px solid #ccc;
                border-radius: 4px;
                width: 200px;
            }
            button {
                padding: 8px 12px;
                font-size: 16px;
                color: #fff;
                background-color: #007bff;
                border: none;
                border-radius: 4px;
                cursor: pointer;
            }
            button:hover {
                background-color: #0056b3;
            }
            .message {
                margin-top: 15px;
                font-size: 16px;
            }
        </style>
    </head>
    <body>
        <div class="container">
            <h1>Number Validation</h1>
            <input type="text" id="userInput" placeholder="Enter a number" />
            <button onclick="myFunction()">Submit</button>
            <div id="validationMessage" class="message"></div>
        </div>

        <script>
            function myFunction() {
                const input = document.getElementById("userInput").value;
                const messageDiv = document.getElementById("validationMessage");

                if (!isNaN(input) && input >= 1 && input <= 100) {
                    messageDiv.textContent = "Input is Valid.";
                    messageDiv.style.color = "green";
                } else {
                    messageDiv.textContent = "Input not valid.";
                    messageDiv.style.color = "red";
                }
            }
        </script>
    </body>
</html>
```

[![image.png](https://i.postimg.cc/C1KWxHzd/image.png)](https://postimg.cc/KKd99T7y)
[![image.png](https://i.postimg.cc/Mp5wZGdP/image.png)](https://postimg.cc/755dmqv0)
[![image.png](https://i.postimg.cc/ncZr0YGj/image.png)](https://postimg.cc/c69dJ3j0)


## **Question 4**

[![image.png](https://i.postimg.cc/y6rBSmrC/image.png)](https://postimg.cc/4ntjD9gW)

Here is a Django model implementing the described scenario using OOP principles:

```python
from django.db import models


class FinalExam(models.Model):
    std_id = models.IntegerField(unique=True)
    std_name = models.CharField(max_length=200)
    sec = models.TextField()
    QM = models.DecimalField(max_digits=4, decimal_places=2)
    final = models.DecimalField(max_digits=4, decimal_places=2)
    uploaded_date = models.DateTimeField(auto_now_add=True)

    def total_marks(self):
        return self.QM + self.final

    def __str__(self):
        return f"Student ID: {self.std_id}, Name: {self.std_name}, Total Marks: {self.total_marks()}"
```

### Explanation:

1. **Fields:**
   - `std_id`: Stores the student's unique identification as an integer.
   - `std_name`: Stores the student's name as a string with a maximum of 200 characters.
   - `sec`: Stores the section as text.
   - `QM`: Stores marks of Quiz and Mid-Term, supports fractional values (up to 4 digits and 2 decimal places).
   - `final`: Stores marks of the Final Exam, similar to `QM`.
   - `uploaded_date`: Automatically stores the timestamp when the record is created.

2. **Methods:**
   - `total_marks`: Computes the total marks by summing `QM` and `final`.
   - `__str__`: Returns a formatted string that includes the student's ID, name, and total marks.

## **Question 5**

[![image.png](https://i.postimg.cc/jj5GHXdr/image.png)](https://postimg.cc/21scmnZH)

### a. Template Inheritance in Django

In Django, template inheritance allows you to define a base template with common elements and have other templates extend it. Below is a simple demonstration:

#### Base Template (`base.html`):
```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>{% block title %}My Django App{% endblock %}</title>
</head>
<body>
    <header>
        <h1>Welcome to My Django App</h1>
    </header>
    <nav>
        <ul>
            <li><a href="/">Home</a></li>
            <li><a href="/about/">About</a></li>
            <li><a href="/contact/">Contact</a></li>
        </ul>
    </nav>
    <main>
        {% block content %}
        <p>This is the default content. Replace it by overriding the content block.</p>
        {% endblock %}
    </main>
    <footer>
        <p>&copy; 2024 My Django App</p>
    </footer>
</body>
</html>
```

#### Inherited Template (`home.html`):
```html
{% extends "base.html" %}

{% block title %}Home - My Django App{% endblock %}

{% block content %}
<h2>Home Page</h2>
<p>Welcome to the home page of our Django application!</p>
{% endblock %}
```

#### Explanation:
1. **Base Template (`base.html`)**:
   - Defines the structure of the page.
   - Contains blocks (`{% block %}`) to be overridden in child templates.
   - Provides default content for each block.

2. **Inherited Template (`home.html`)**:
   - Extends the base template using `{% extends "base.html" %}`.
   - Overrides specific blocks (`title` and `content`) as needed.

---

### b. Five Most Commonly Used Built-in Middleware Components in Django

1. **`django.middleware.security.SecurityMiddleware`**:
   - Enhances security by adding headers like `Strict-Transport-Security` and redirects HTTP to HTTPS.

2. **`django.contrib.sessions.middleware.SessionMiddleware`**:
   - Manages user sessions by enabling session storage and retrieval.

3. **`django.middleware.csrf.CsrfViewMiddleware`**:
   - Protects against Cross-Site Request Forgery (CSRF) attacks by verifying requests with a CSRF token.

4. **`django.middleware.common.CommonMiddleware`**:
   - Handles URL redirection (like adding a trailing slash) and adds useful headers for the app.

5. **`django.contrib.auth.middleware.AuthenticationMiddleware`**:
   - Associates users with requests using Django's authentication framework, allowing access to `request.user`.