https://dev-flow.io/en/tags/security/ Recent content in Security on DevFlow · Python Django Developer Freelance Hugo en Tue, 26 May 2026 00:00:00 +0200 https://dev-flow.io/en/posts/django-rest-access-policy/ Tue, 26 May 2026 00:00:00 +0200 https://dev-flow.io/en/posts/django-rest-access-policy/ rest_access_policy replaces DRF's has_permission classes with declarative statements. Readable, testable, and extensible access rules with no risk of oversight. https://dev-flow.io/en/posts/hash-hmac-token-security/ Mon, 25 May 2026 00:00:00 +0200 https://dev-flow.io/en/posts/hash-hmac-token-security/ sha256, salt, HMAC or encryption? Each mechanism offers different guarantees. Here is how to choose based on your actual need, with Django examples. https://dev-flow.io/en/posts/django-timing-attacks/ Thu, 14 May 2026 00:00:00 +0200 https://dev-flow.io/en/posts/django-timing-attacks/ A == comparison on a token leaks information through execution time. Django provides constant_time_compare() to eliminate timing attack risks in production.