DjangoCon Europe 2020 (Virtual) September 19, 2020 - 09h55 (GMT+1)
"Security strategies for multi tenant applications" by Raphael Michel
When writing multi-tenant applications, a very typical and dangerous bug is to forget about a WHERE statement and show data to the wrong users. This often goes unnoticed, since most people are only testing with one user account. This talk discusses strategies to prevent this class of error entirely.
Note: Q&A not available due to technical problems.