October 16th, 2012

Web2py 2.0

Free open source full-stack framework for rapid development of fast, scalable, secure and portable database-driven web-based applications. Written and programmable in Python. Free online book: Web2py book 4th Ed.


If you are familiar with Rails development, then web2py is essentially the Python version. Your controller returns a dictionary, and the view decides what's done with that data. Should the view return an HTML document, a JSON response, or something entirely different. Thus, this makes Web2py a true MVC framework, which allows for rapid development. Since web2py comes with an arsenal of pre-made views, you can jump right in and begin developing the backend code without worrying about the front-end code until it comes time. I wish other frameworks shared this mentality really...

The installation and setup is just as simple as their homepage puts it out to be. It's like the "Mac" for software setup, it's just simple on every platform. Furthermore, one doesn't need to learn complex command lines to get around this framework, a command-line is completely optional. Which brings me to their fully featured administrative interface. This interface is targeted towards local development, as there is only a single password to access it and no ACLs. You can use this web interface in production, but it will only work through SSL/HTTPS for security reasons. Since this administrative interface basically gives you entire access to all the source code, and the ability to create new applications, it's very necessary that this access doesn't get into the wrong hands. Although, you should be-able to SSH tunnel into the server to access it with ease as well, if you don't plan on deploying an SSL-enabled website. Tunneling the admin over SSH is most likely the safest method.

A huge advantage of we2py's administrative interface, is that it has some interesting options for creating and deploying applications. You can even create an application using a Wizard interface, which I will go through later in this review. It also includes easy access to deploy your application on either Google App Engine or RedHat OpenShift. The easy deploy ability can be a good selling point for developers, since it is integrated right into web2py. Not many frameworks include such an innovative idea as this.

As for the Python syntax used to create application, it will give many Python developers mixed feelings. There is no need to import any of web2py's API within your own code, as it's all auto-imported when your code is dynamically loaded by web2py. This makes it easier for entry developers, or developers which don't like dealing with imports in their code. The downside, is that working in a separate IDE which expects imports for code coverage, may cause problems. Doing some research online, it does seem that this does pose a problem when working with external IDEs, although there are workarounds for each IDE. Some Python specific IDEs appear to have plugins especially for web2py to work within them correctly. If you are fond of your external Python IDE, be prepared for some changes when working with web2py, expect this to get better in the future.

I am not going to go into coding details in this review, as their online book has many examples you can go through to see if this type of syntax matches your coding style. Personally, I didn't mind it that much. If you are/were a Rails developer, the syntax should look familiar. If you are coming from Rails, I highly recommend reading from Rails to Web2py from the web2py AlterEgo blog. It fully explains the differences and how to get accustomed to web2py quickly. You will quickly notice how similar both frameworks are.

As mentioned earlier in this review, there is an application wizard, which you can use to quickly build a database-driven application in mere minutes. When you first enter the wizard, you will be prompted for an application name. The second page has a large array of options you can customize, which include selecting from various plugins and providing the basic application details such as the author, theme and such. The theme component is especially awesome, think of it on the lines of an entire website theme like in Joomla, and there is a large list to choose from too. You can also create your own theme as well. Another interesting option is selecting janrain as the login method, which simplifies your development efforts even further. Whereas other frameworks require you to go hunting over the Internet for various apps and pieces for your puzzle, like a social login component. Web2py includes this ability right out of the box, and it is literally a simple option away when using the wizard.

The next step in the wizard, is where you can specify database models for your application. This part takes all the effort of needing to manually code the models in Python, since this will automatically generate the Python code for you. As you can see from the screenshot to the right, it is pretty flexible and provides many options for any type of database schema you are planning on building.

Once you design your database tables, you are then brought to a page creator. It will have a few default pages, and also create manage pages for the tables you created to enable easy CRUD. And when I say easy, I really do mean it. Once this wizard is complete, you will see the magic of this wizard, and soon see how powerful a tool it is for initial prototyping of a website. Although the administrative interface is limited to a single password and for development, each application has it's own user table with permissions. These permissions are not site-wide and are limited to the application. If you change around how the databases are used, you could technically make multiple applications share data.

The next few pages in the wizard fill out the views for the pages you specified. The very last page where you finally generate the application has many checkboxes for what exactly you want to generate. You can generate models, controllers, views, menus, apply layouts, erase the database, and even populate the database with fake data for testing purposes.

The generated manage page is far from simple. It offers the ability to create new records, and edit/delete existing ones. But that's not all, it also provides the ability to export the data in various formats. Furthermore, with the built-in views, you can easily export the data to JSON as well. All of this was created in a matter of minutes after installing Web2py. I can see from this, that the goal of web2py is to make web development as easy and painless as possible. It has more magic than most Python frameworks out there, so this may turn off some hardcore Python developers.

Now lets talk about their Database Abstraction Layer, which is most interesting. Their DAL supports Django and SQLAlchemy models. This means, that porting over existing code to web2py is very simple, to say the least. You can keep your existing Database model code, you still need to use their DAL for reading and writing the data. Although I'm sure you can just use SQLAlchemy alone without even touching their DAL. From other reviews online, I can see that the web2py DAL is very fast on it's feet, so using it over replacing it entirely with SQLAlchemy may be a solution.

The templates in web2py are Python-based, whereas you can write Python code right inside your view. Although some MVC purists will not like this, as this means your mixing the logic code with your view. Web2py includes many HTML design helpers, you can easily generate forms and various HTML tags using simple Python functions. This may be good for Python developers who are writing the front-end code, but for pure web designers with no Python experience, this may not be the best solution. Although you don't need to use these HTML helpers if you don't want to, they are included for the sake of convenience for Python programmers. Although you should make use of the URL helper regardless.

Web2py really shines when it comes to working with AJAX, as it comes bundled with an easy to use AJAX framework. To some developers this might be a bad thing, as to integrate an AJAX solution into a web framework. Think of the positives of having a fully integrated solution. Rails was very successful because it implemented a great AJAX API, which made developing Web 2.0 applications a breeze, so websites like Twitter were able to get up and running fairly quickly with the least amount of code. Web2py is attempting to mimic this success, so that Python developers can obtain the success which Twitter obtained. Having a non-integrated AJAX solution means more code, and that's more code which you need to bug check, and make sure is secure. If AJAX is baked into your web framework, if an exploit is ever found, a simple upgrade of your web framework will patch it right up. Whereas, if you are working with custom code, you will be in charge of patching these issues, and testing it. This involves taking more time to code and debug code, whereas developing in Web 2.0 shouldn't have these issues. In the end, this solution saves the company money and needing to hire additional manpower to create a custom jQuery plugin and such. This feature will mainly disappoint the hardcore jQuery/JSFramework community developers... In fact many of them will discourage using a baked in AJAX solution, although in the end, it is the result that matters, not the path to it. If Web2py's AJAX API does exactly what you need, then that is what matters to your business most. Believe me when I say, Web2py's AJAX API is very feature full, and they made sure to leave almost every stone turned, it's a very extensive and powerful API that gets the job done with as little effort or coding needed.

Recall when I mentioned that Web2py has pre-built views, and one of them is JSON? Well, their baked in AJAX API is one reason, as it is used with this API to provide easy access to everything an HTML view would have access to, but using an AJAX call. It's absolutely so simple, it's rather "Applish" in design. If you would like to understand why I say this, take a look at their jQuery and Ajax documentation page in their book. It does build on jQuery, but you won't be using any of the standard jQuery AJAX functions. Be sure to also take a look at the components section as well, as it provides a way to load parts of pages using AJAX. This is one of the higher points of using web2py, is it has a very rich AJAX API. It makes developing for the next-generation web so much easier.

In my closing statement of this review, I will recommend reading The good and bad about web2py | Me, Ahmed Soliman, this blog article is very informative and provides a great list of pros and cons of using web2py.


  • Easiest framework by far to install for development
  • Application creation wizards
  • Easy to use CRUD
  • Easy App distribution system
  • Simple deployment to GAE/OpenShift
  • Powerful administrator site
  • Web-based IDE for easy online development
  • Included AJAX framework for using CRUD
  • Backward compatibility is a project goal


  • Administrative interface not suitable for daily use
  • Administrative interface has no concept of permissions
  • Needs improved external IDE support


While Web2Py has many high points during development. If you need an integrated permission-based admin interface to edit the database models with ease, you will to use a 3rd party app. I would not personally recommend Web2Py for smaller websites, as Web2Py does include lots of tools which may just get in the way. You can code using your own IDE, but Web2Py lacks the concept of imports for it's own modules, and this may cause problems in PyCharm/Eclipse.

Package Website

About Me

My Photo
Names Kevin, hugely into UNIX technologies, not just Linux. I've dabbled with the demons, played with the Sun, and now with the Penguins.

Kevin Veroneau Consulting Services
Do you require the services of a Django contractor? Do you need both a website and hosting services? Perhaps I can help.

This Month

If you like what you read, please consider donating to help with hosting costs, and to fund future books to review.

Python Powered | © 2012-2019 Kevin Veroneau