Hi,
I've just enabled caching for a Django application and it works great, but
there is a small problem.
As you know, Session middleware adds a Vary: Cookie header to the response
and it is smart enough to do that only if the session has been accessed.
This is all good, but the problem is that I have @login_required on the
majority of my views and although they don't touch the session at all the
Vary: Cookie header will be added.
This is because the decorator has to get the user from the session so the
session middleware sees that the session has been accessed and sets the
header.
So a simple view like the one below will set the Vary: Cookie header,
although the result isn't user specific at all and this will prevent
caching.
@login_required
def some_view(request)
return HttpResponse('Some text')
The ideal solution would probably be to being able to access the session
without making the session dirty from framework code and then the auth code
could do just that.
Another possibility is to set the accessed flag back to False from the auth
code after accessing the user in the session, but I think that needs more
additional code, because request.user could be accessed from the view and I
don't think that will set session.accessed = True
Another possibility is to say that this is not a problem / can't be easily
fixed, but then we probably need a new decorator, so we can mark views as
@never_varies_on_cookie, because currently I don't think that we can avoid
having the Cookie added to the Vary header by SessionMiddlewar.
I thought I send an email to django-dev before raising a ticket to get some
other opinions on the issue.
Thanks,
Tamas
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
