Menu
The official documentation is a bit messy: 'before' & 'after' are used for ordering MiddleWare in a tuple, but in some places 'before'&'after' refers to request-response phases. Also, 'should be first/last' are mixed and it's not clear which one to use as 'first'.
I do understand the difference.. however it seems to complicated for a newbie in Django.
Can you suggest some correct ordering for builtin MiddleWare classes (assuming we enable all of them) and — most importantly — explain WHY one goes before/after other ones?
here's the list, with the info from docs I managed to find:
UpdateCacheMiddleware SessionMiddleware, GZipMiddleware, LocaleMiddleware GZipMiddleware UpdateCacheMiddleware: Modifies 'Vary:'ConditionalGetMiddleware CommonMiddleware: uses its 'Etag:' header when USE_ETAGS=True SessionMiddleware UpdateCacheMiddleware: Modifies 'Vary:'TransactionMiddleware: we don't need transactions hereLocaleMiddleware, One of the topmost, after SessionMiddleware, CacheMiddleware UpdateCacheMiddleware: Modifies 'Vary:'SessionMiddleware: uses session dataCommonMiddleware GZipMiddleware so it won't calculate an E-Tag on gzipped contentsAPPEND_SLASH or PREPEND_WWW CsrfViewMiddleware AuthenticationMiddleware SessionMiddleware: uses session storageMessageMiddleware SessionMiddleware: can use Session-based storageXViewMiddlewareTransactionMiddleware SessionMiddleware (configurable to use DB)*CacheMiddleWare is not affected (as an exception: uses own DB cursor)FetchFromCacheMiddleware AuthenticationMiddleware so it's possible to use CACHE_MIDDLEWARE_ANONYMOUS_ONLY FlatpageFallbackMiddleware TransactionMiddleware (yes?) RedirectFallbackMiddleware TransactionMiddleware (yes?) (I will add suggestions to this list to collect all of them in one place)
578
In Django, middleware is a lightweight plugin that processes during request and response execution. Middleware is used to perform a function in the application. The functions can be a security, session, csrf protection, authentication etc.
In a nutshell, a Middleware is a regular Python class that hooks into Django's request/response life cycle. Those classes holds pieces of code that are processed upon every request/response your Django application handles.
Middleware and decorators are similar and can do the same job. They provide a means of inserting intermediary effects either before or after other effects downstream in the chain/stack.
The most difficult part is that you have to consider both directions at the same time when setting the order. I would say that's a flaw in the design and I personally would opt for a separate request and response middleware order (so you wouldn't need hacks like FetchFromCacheMiddleware and UpdateCacheMiddleware).
But... alas, it's this way right now.
Either way, the idea of it all is that your request passes through the list of middlewares in top-down order for process_request and process_view. And it passes your response through process_response and process_exception in reverse order.
With UpdateCacheMiddleware this means that any middleware that changes the Vary headers in the HTTP request should come before it. If you change the order here than it would be possible for some user to get a cached page for some other user.
How can you find out if the Vary header is changed by a middleware? You can either hope that there are docs available, or simply look at the source. It's usually quite obvious :)
142
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
