There is nothing in Django that makes it inherently unsuitable for untrusted users. There are plenty of authentication / authorisation modules available for it such as OAuth2. Plus you can always customise existing code to fit your use case.
I mean we are programmers are we not? If something doesn't immediately fit your needs it might be easier to just write some extra code yourself rather than investing the (sometimes) significant amount of time required to become truly expert in another web framework.
I mean we are programmers are we not? If something doesn't immediately fit your needs it might be easier to just write some extra code yourself rather than investing the (sometimes) significant amount of time required to become truly expert in another web framework.