Being two of the most popular web frameworks in the python ecosystem, most backend developers would have at some point encountered the question of whether to use Django or Flask to build a webapp.
Both of these frameworks have a common goal, but the way they achieve it is what makes them different.
Django is like a frozen pizza. You get the pizza base, the sauce, the toppings and the grated cheese in one package and all your need is a microwave to satisfy your pizza craving.
Even though this is super convenient, a frozen pizza could hardly beat the flavour of making a pizza from scratch using nothing but a pizza base.
With a pizza base, you have the option to choose your own sauce and toppings along with the quantity of cheese. This is much more tailored to your palette and food preferences. It is more "flavourful" if you will and this is what Flask does.
Depending on the context you are currently in, either of these pizzas might be the right choice.
Both of these frameworks were created for the purpose of building web apps. They are both open sourced and have a pretty sizable and active community that is backing them and constantly improving the projects.
Django comes with a lot of built in functionality which includes certain design patterns, features and tools. This means that a developer's job is only to focus on the core business logic and write as little code as possible.
Flask on the other hand does not make any assumptions on how you like to build your application and only provides the basic features which include things like a template engine, url routing, cookies, a development server, etc.
Django provides all of these as well and so does any other web framework, but building an application requires more. For instance, an ORM that forms an abstraction layer between the application and a database is essential.
Flask allows you to build this out yourself either by using existing extensions and libraries or by writing your own code. Flask is therefore a lot more flexible and this could be important if you have a specific use case which does not get solved in an elegant way using a ready made solution like Django.
It entirely depends on what you are trying to accomplish and how you want to accomplish it. But there are few factors to keep in mind while choosing your framework.
Django works great for relational databases and it has support for MySQL, PostgresSQL, SQLite and Oracle.
As mentioned earlier Django comes with an elegant ORM (Object-Relational Mapping) which makes it very easy to build CRUD capabilities. The ORM also has support for database migrations, so no raw queries would have to be manually written to update your schema.
Flask on the other hand let’s you store your data in any form that you see fit. You could write raw queries if you wish or you could use an extension like SQLAlchemy to add ORM capabilities to your application.
Flask is generally a good choice to go with when you are working with non relational databases such as MongoDB or Redis.
Django has pretty bad support for non-relational databases and even if you manage to get it working, you won’t be able to take advantage of a lot of features that Django offers as they only work for relational databases.
Django enables super fast development. You could potentially have a working web application in a day or two and take it to production.
Since most of the functionality is already built in, the only development time is spent on writing business logic and choosing the right Django modules to include.
Flask on the other hand requires quite a bit of upfront setup time before you can actually start working on your business logic.
Django should be used if you anticipate your application to scale into a huge project with a lot of moving parts, user interactions and high volumes of content. For instance, Instagram is built using Django.
While flask could also be used to achieve the same, it would not be recommended unless you really insist on doing things your own way.
Flask is generally used for building small scale applications that have a predetermined set of functionality and are expected to do only one particular thing correctly such as a personal blog.
Django uses the Model-View-Controller (MVC) architecture which does a good job of separation of concerns and enabling reuse of components. This makes it highly scalable.
Flask does not follow any particular design pattern and you are free to use whatever you like. You can choose to make your application scalable or a throw away app that only does one thing and is not touched again.
Django comes with an inbuilt User model that can be used to authenticate all your APIs as well as control the permission of those who log in to the admin panel.
This can be used for account and session management and you can keep a record of which account is performing what actions.
Flask does not have support for account management. You can use cookies which are provided out of the box to establish sessions but for account management, a 3rd party extension such as Flask-Login would have to be used.
Perhaps the most important feature of any web framework is the ability to configure a URL route and a corresponding function/class to be called when that URL is invoked.
In Django, URLs are defined in urls.py and the function to be called on hitting those URLs are defined in views.py.
When a HTTP request is made, a request object is explicitly passed to the view and this object must be passed around to access it anywhere.
In Flask, URL routes are defined in the views itself in the same file using a decorator pattern. The request object is global and can be accessed anywhere if imported. You can virtually have just one file handling your entire application.
I spent a good part of my career writing REST APIs and doing it in Django is an absolute breeze because of the Django REST framework. APIs can be built quite rapidly using DRF and it provides everything including generic views that you can import, serializers, request validation and auth.
Flask also has good extensions to achieve this but all the above mentioned features are offered by different extensions. For instance you could use Flask-RESTful alongside Flask-Marshmallow for serialization and Flask-JWT for auth.
Django provides out of the box support to handle common security threats such as cross site scripting, clickjacking and SQL injections.
With Flask you would have to once again rely on 3rd party extensions to achieve this and since security is a sensitive issue, a thorough evaluation of the extension and constant updation of the extension would be needed.
This is a good piece on how you can secure your Flask applications.
In my opinion, there is not much difference in performance between the two frameworks. Both of them can be used for high traffic websites with no problems.
One could argue that Flask has better performance because there is less surface area to cover in terms of the code that is invoked due to being a smaller framework but I find this difference practically negligible.
Neither of these frameworks are a “one size fits all”. If you cannot compromise on flexibility and customization I would recommend using Flask. For all other intents and purposes, Django is probably a better choice.
Having said that, another reason I would recommend flask is if your intention is to learn web development.
Flask has one of the cleanest python code I have ever seen and a beginner would find it a lot easier to use Flask than Django because of its lightweight nature and no overhead.
If you start learning web development directly with Django, you run the risk of learning more about django itself than actual web development because of the overhead involved in setting it up.
If you prefer to solve this Django vs. Flask debate by looking at what code looks like in either of these frameworks, I would recommend checking out this article.
In conclusion, whether you choose to eat a frozen pizza or a pizza made from scratch, the fact remains that you managed to satisfy your hunger and that’s what matters at the end of the day.
Happy coding!