Introduction to some of the middleware built into Django

Certified Support Middleware

Middleware class: Django.contrib.auth.middleware.AuthenticationMiddleware. Django.contrib.auth.middleware.AuthenticationMiddleware.

This middleware activates the authentication support feature. It adds the Request.user attribute representing the currently logged-on user to each incoming HttpRequest object. It adds the Request.user attribute, representing the currently logged-in user, to every incoming HttpRequest object.

General middleware

Middleware Class:django.middleware.common.CommonMiddleware.

This middleware provides some conveniences for perfectionists:

Prohibit access to the USER agent set in the ' Disallowed_user_agents ' list: Once provided, this list should consist of compiled regular expression objects that match the user-agent domain in the incoming request header. The following example is from a configuration file fragment:

Import redisallowed_user_agents = (  re.compile (R ' ^omniexplorer_bot '),  re.compile (R ' ^googlebot '))

• Note the import re because disallowed_user_agents requires that its value be a compiled regular expression (that is, the return value of Re.compile ().
• URL rewriting is performed according to the settings of ' Append_slash ' and ' prepend_www ': If Append_slash is True, those URLs with no trailing slashes will be redirected to the corresponding URL with the slash. Unless the last component of path contains a dot number. As a result, Foo.com/bar will be redirected to foo.com/bar/, but Foo.com/bar/file.txt will be passed in unchanged form.
• If Prepend_www is True, those URLs that lack the pilot www will be redirected to the appropriate URL containing the pilot www. Would be redirected to the same URL with a leading www.
• Both of these options are for normalizing URLs. The philosophy behind it is that each URL should and should only exist in one place. Technically, URL Example.com/bar is different from example.com/bar/and www.example.com/bar/.
• Processing etag:etags based on the settings of ' use_etags ' is an optimization mechanism for conditionally caching pages at the HTTP level. If Use_etags is True, Django processes the content of the page with the MD5 algorithm for each request, thereby obtaining the ETag, on which Django will process and return the not Modified response, if appropriate:
• Note that there is also a conditional GET middleware that handles etags and does more, as you'll see shortly.

Compression middleware

Middleware class Django.middleware.gzip.GZipMiddleware.

This middleware automatically compresses back the content for browsers that can handle gzip compression (including all modern browsers). This greatly reduces the bandwidth consumed by the Web server. The price is that compressing the page requires some extra processing time.

With respect to bandwidth, people generally prefer speed, but if you're in the opposite direction, you can enable this middleware.
Conditional Get Middleware

Middleware Class:django.middleware.http.ConditionalGetMiddleware.

This middleware provides support for conditional GET operations. If the response header includes a last-modified or ETag domain, and the request header contains a if-none-match or if-modified-since domain, and the same is true, the response is response 304 ( Not modified) instead. The support for the ETag relies on the use_etags configuration and the ETag domain set in the response header beforehand. The generic middleware discussed earlier can be used to set the ETAG domain in response. As discussed above, the ETAG header is set by the Common middleware.

In addition, it will delete anything in the response generated when the head request is processed and set the Date and Content-length fields in the response header of all request.
Reverse proxy support (X-forwarded-for middleware)

Middleware Class:django.middleware.http.SetRemoteAddrFromForwardedFor.

This is an example of what we are doing in the section on what is middleware. On request. meta[' http_x_forwarded_for ' exists, it sets the request based on its value. meta[' REMOTE_ADDR '. This is useful in situations where the site is behind a reverse proxy and each request's remote_addr is pointed to 127.0.0.1. It sets request. meta[' REMOTE_ADDR '] based on request. meta[' http_x_forwarded_for '), if the latter is set. This is the useful if you ' re sitting behind a reverse proxy, which causes each request ' s remote_addr to being set to 127.0.0.1.

Red Warning!

This middleware does not verify the legitimacy of http_x_forwarded_for.

Do not use this middleware if your site is not located in a reverse proxy that automatically sets http_x_forwarded_for. Otherwise, because anyone can forge http_x_forwarded_for values, and REMOTE_ADDR is set according to Http_x_forwarded_for, this means that anyone can forge an IP address.

You can only use this middleware if you can absolutely trust http_x_forwarded_for.
Session Support Middleware

Middleware Class:django.contrib.sessions.middleware.SessionMiddleware.

This middleware activates the session support feature.

Middleware Classes:django.middleware.cache.UpdateCacheMiddleware and Django.middleware.cache.FetchFromCacheMiddleware.

These middleware work with each other to cache each Django-based page.
Transaction processing Middleware

Middleware Class:django.middleware.transaction.TransactionMiddleware.

This middleware binds the COMMIT or ROLLBACK of the database to the Request/response processing phase. If the view function executes successfully, a COMMIT instruction is issued. If the view function throws an exception, the ROLLBACK instruction is issued.

The order of the middleware in the stack is very important. Its outer middleware module runs in the Django default save-commit behavior mode. The inner middleware (which appears at the subsequent position in the stack) is placed under the control of a transactional mechanism consistent with the view function.

