For the last month, I’ve been learning Python and building an app along the way. There are already a lot of blogs out there on Flask, web crawling, and Python in general but what I usually find lacking are notes on best practices such as using virtual environments, testing code, and even using sessions responsibly—and understandably so, since they are meant to be quick tutorials.
If you are already a developer and just starting to use Python, I hope this article will serve as a quick reference that will lead you to resources and documentation on best practices that would be good for you to know in the long run.
I wanted to create an app that will take a screenshot of all my recipes in Pepperplate and upload them to Dropbox. Pepperplate is a recipe management app that seems to be unmaintained for a while. It has been acting glitchy these days that I fear all my recipes will soon vanish, and I am not alone in this sentiment.
My interest in Python piqued when StackOverflow’s 2019 Survey Results came out. Python was crowned as 2nd in the “Most Loved Language” category and 1st in “Most Wanted Language.” I wanted to learn a new language and get out of my “PHP” bubble. Also, most articles I've read about web crawling use Python.
So, given my desire to create a web crawling app, desire to learn a new language, and the survey results, I decided to go with Python.
Using Virtual Environments
Usually creating your first Python script will simply involve installing Python, creating a .py script and running
While I was using
venv in combination with
pip, I came across the problem of managing or keeping track of the Python packages I’ve been installing. I could run
pip freeze and I would have a list of requirements that I can add to my code repository. However, I found it tedious to have to run this code separately. I was hoping to have the same experience as I have with
npm where whenever I install a package, it would automatically add this package in a requirements file (e.g.
This is where
pipenv comes in. It has both the functionality that
pip provide to make package management in Python a smooth experience.
Thoughtbot has a good article that helped me get started with
When you're just starting with Python and Flask (or any language, framework, or tool), it's tempting to just run with “what you know”. And since Flask is a microframework, it's not laid out right away how your application should be structured.
That's why I think Blueprints are worth mentioning if you want to build a flask application properly—assuming of course, that your app does not involve only a handful of routes. Any flask tutorial series that are worth their salt will include Blueprints at some point. But since my python app was exclusively backend code and do not involve assets or templates, I jumped into Blueprints right away.
Blueprints can be intimidating especially since I'm just starting with Python. I was also running into problems because the hackersandslackers had a typo in their code. I had to go back to the Python docs to make sure I wasn't missing anything and I understood how Python imports work.
You'd have to invest some time truly understanding Blueprints but it is worth it.
Using Sessions Responsibly
My app needs to store access tokens retrieved from Dropbox's oAuth2 flow. It's helpful to know that Flask by default stores session data in the client. Granted, it is signed so it cannot be modified. But it is not encrypted but merely encoded and therefore, can be read and decrypted.
Since access tokens are meant to be secret, it is best practice to store them in the server instead of in the client where data can be read.
Another best practice that I want to quickly mention is testing. You can choose 3 frameworks:
pytest. Test&Code has a comparison of these three. You can see my tests in GitHub.
These best practices are not unique to Python. If you're coming from another language, you've probably practiced them already. But if you're just starting with Python, I hope this article helped you quickly apply best practices the Python way.
Next up in my blog, I will write a step-by-step guide on how I implemented a Dropbox oAuth2 flow in Flask, including writing tests in PyTest.