Hi everyone,
I’m Shashank Kushwaha , a BTech Cybersecurity student interested in contributing to Django for GSoC 2026, with a focus on improving security practices for Django applications.
While building backend systems, I observed that handling secure file uploads, access control, and audit logging often requires developers to implement custom solutions. These implementations can vary significantly in quality and may introduce security risks if not done carefully.
Proposal Idea
I propose to develop a Django Security Toolkit that provides reusable and standardized components for secure file handling and access control.
Instead of building a standalone application, this project would focus on creating modular tools that can be integrated into any Django project.
Key Features
-
Secure file upload system with encryption support
-
Expiring and signed URLs for controlled file access
-
Role-based access control utilities
-
Audit logging system to track file access and actions
-
Configurable security policies for different use cases
Expected Outcomes
-
A reusable toolkit for improving security in Django applications
-
Reduced need for developers to implement custom security solutions
-
Better alignment with secure coding practices
Open Questions / Feedback Needed
-
Are there existing Django packages or discussions that overlap with this idea?
-
Would this be better positioned as a third-party library or aligned with Django’s ecosystem tools?
-
What scope would be appropriate for a GSoC project?