IMPORTANT: The Django Crafts repository contains sample projects and tutorials for educational purposes. We are not responsible for any security leaks that might occur in your production environment if you implement these examples without proper security considerations. Please refer to the original packages' documentation and security guidelines for any corrections or updates.
If you discover a security vulnerability within any of the projects in this repository:
- Do not disclose the vulnerability publicly
- Send an email to [email protected] describing the issue
- Allow time for the vulnerability to be addressed before disclosing it publicly
When implementing any of the projects from this repository in your own applications, please consider the following security best practices:
- Keep Dependencies Updated: Always use the latest stable versions of Django and other dependencies
- Secure Environment Variables: Never commit sensitive information like API keys or passwords
- Implement Proper Authentication: Follow security standards for user authentication
- Regular Security Audits: Perform regular security audits of your code
- Follow Django's Security Guidelines: Refer to Django's security documentation
For specific security concerns related to the packages used in these projects, please refer to the security documentation of the original packages:
- Django: Django Security
- Django Two-Factor Authentication: Refer to the documentation of the specific package used in the django2fa project
- Django Passkeys: For WebAuthn and Passkey implementation, refer to WebAuthn Documentation and FIDO Alliance Guidelines
- Django reCAPTCHA: For integration of Google reCAPTCHA, refer to Google reCAPTCHA Documentation
- Django SSO: For Single Sign-On implementation, refer to OAuth 2.0 Security Best Practices and OpenID Connect Security
We only support the latest version of each project in this repository. If you find security issues in older versions, please upgrade to the latest version before reporting.