- csrf_token takes care of all vulnerabilities (sql_injections and all others that we might have not implemented)
- No need to have additional securities like .htaccess as Django maps urls to views and not to directory structures.
- Most of the form verifications is taken care on django side, so no need to add lots of checks to ensure correct data is inserted
- Easy integration with useful python modules
- Has its own database and server, so works on all devices ( reduces issues like this is not working on my device ) and provides easy installation
- We might integrate it with socets to enable realtime chat as well.
- Easy integration with openId (lots of video tutorials about the same)
- Template inheritance makes amending frontend very easy
- And obiously learning django won't do any bad
If this idea is accepted, I will release the project with all the backend progress that we have done till now along with working evaluation verdict by tonight for testing and with frontend by tomorrow. So there won't be any time loss in swiching.