> Django feels like too much overhead for smaller projects
It depends. My advice is always: stick to django no matter what, unless you are a seasoned web devs. I've seen too many flask projects with terrible architecture decisions and security holes because flask assumes (by nature) you can take those decisions.
Those decisions are not easy to take. They require a deep knowledge of the field.
So yes, one may chose flask or fast api as a lighter alternative, provided they know very well what they are doing, or that the consequences of not knowing are small. The later is not always simple to evaluate however, especially if you are not experienced. You don't know what you don't know after all.
If somebody doesn't know if they are an experienced web dev, or the consequences of their choices, they should use Django.
It will save them from SQL injection, XSS, Cross request forgery and click hijacking. It will provide an pluggable auth backend should you need it later. It will force you to put some parts of your code in separate sillows. This is a good thing for most people.
Frankly if you go with the most popular extensions: Flask-SQLAlchemy, Flask-Login and Flask-Admin you will have more or less all the features of Django with a nicer API, better documentation and more flexibility
I've been using all of them, and no, not at all. Flask-admin is a far cry from the django admin. It's also buggy sometimes.
Flask-SQLalchemy is not well integrated at all. E.G: try to play with it in the shell, the session management is annoying as hell.
As of flak-login, it doesn't have a tenth of the
Also you forgot: csrf handling, i18n, xss, click hijacking, cache backends, and so on. That's again, more plugins you have to select.
And that's a lot to configure, learn doc, then upgrade when the times come, on top of that.
All of them will, obviously, not be compatible with SQLA 2 next year, because the projects are not a whole, so it's going to be even more fun on the months to come.
This is a good summary. Sometimes I too forget how much stuff Django provides out of the box for free. But now it is an old and boring tech, apparently. Oh well.
agree it depends, and I haven't looked at Django for years - so can't comment on it.
However, I have been using FastAPI with Jinja2 & htmx to create web APIs and UIs for some of our services. Individually, they're great; collectively they're a joy. I'm no front end dev, but even I can put together functional, decent-looking apps in a few hundred lines of code. They bare comparison to angular apps that can easily be an order of magnitude more code.
It depends. My advice is always: stick to django no matter what, unless you are a seasoned web devs. I've seen too many flask projects with terrible architecture decisions and security holes because flask assumes (by nature) you can take those decisions.
Those decisions are not easy to take. They require a deep knowledge of the field.
So yes, one may chose flask or fast api as a lighter alternative, provided they know very well what they are doing, or that the consequences of not knowing are small. The later is not always simple to evaluate however, especially if you are not experienced. You don't know what you don't know after all.
If somebody doesn't know if they are an experienced web dev, or the consequences of their choices, they should use Django.
It will save them from SQL injection, XSS, Cross request forgery and click hijacking. It will provide an pluggable auth backend should you need it later. It will force you to put some parts of your code in separate sillows. This is a good thing for most people.