I use PageNumberPagination for simple, bookmark-friendly pagination and CursorPagination when data changes frequently (prevents duplicate/missing items between pages). Creating a custom pagination class lets me control page_size, page_size_query_param

For apps with replicas, route read-only code paths to reading role and enforce prevent_writes. This is a strong reliability move: accidental writes on replicas become exceptions instead of silent data loss.

Sessions store user state across requests. Django supports database, cache, file, and cookie-based sessions. I use cacheddb for read performance with database persistence. For APIs, I avoid sessions in favor of token auth. The request.session dict-lik

Direct deletes can be risky and slow. Mark records for deletion, then sweep in batches in a maintenance job. This gives you observability and a rollback window.

Retries are inevitable: mobile clients, flaky networks, and load balancers will resend POST requests. Without idempotency you end up double-charging or double-creating records. I store an Idempotency-Key with a sha256 hash of the request body and the

Django stores datetimes as UTC in the database when USE_TZ=True. I use timezone.now() instead of datetime.now() to get aware datetimes. The timezone.localtime() converts UTC to user's timezone for display. For user input, I use timezone.make_aware() t

For controller-level confidence, I add a request spec that sets Accept: text/vnd.turbo-stream.html and asserts the response includes a turbo stream action. This is faster than a system test and catches accidental template name changes (create.turbo_st

CI has to be fast enough that developers don’t bypass it. I cache npm’s package store so we’re not re-downloading the world every run, and I split lint / test / build into separate steps so failures are obvious and logs are readable. The other non-neg

Tabs often turn into a mini-SPA. Instead, I treat each tab as a URL and load its content into a turbo_frame_tag named tab_content. Clicking a tab link targets that frame. This gives you browser history, deep linking, and sharable URLs, while keeping t

Throttling prevents API abuse by limiting request rates. DRF provides AnonRateThrottle for anonymous users and UserRateThrottle for authenticated users. I configure rates in settings like 'user': '100/hour'. For custom logic, I subclass BaseThrottle a

When I’m on Rails 7+, I like broadcasts_to because it makes realtime behavior obvious in the model. Instead of writing explicit after_create_commit hooks, I declare that a model broadcasts to its parent or to a scope. Then Turbo uses conventional part

Turbo stream re-renders can drop focus, which is rough for accessibility. Use turbo:render to focus the first invalid field inside a specific container. This feels “native” and reduces user friction.