Geek Answers Handbook

Django: any way to avoid requests for request.user for each request?

For my site, almost every page has a title bar that says โ€œWelcome, ABC,โ€ where โ€œABCโ€ is the username. This means that request.user will be called for each individual query, causing the database to appear again and again.

But as soon as the user logs in, I can save his user instance in my cookie and encrypt it. This way I can avoid getting into the database repeatedly and just extract request.user from the cookie.

How could you change Django? Are there any Django plugins that do what I need?

thanks

+8
django django-authentication django-sessions
source share
4 answers

You want to use session middleware, and you want to read the documentation. The staging tool supports several session mechanisms. Ideally, you should use memcached or redis, but you could write your own session engine to store all the data in the user's cookie . After middleware is enabled, it is available as part of the request object. You interact with request.session , which acts like a dict, making it easy to use. Here are some examples from the docs:

This simplified view sets the has_commented variable to True after the user submits a comment. It does not allow the user to leave a comment more than once:

 def post_comment(request, new_comment): if request.session.get('has_commented', False): return HttpResponse("You've already commented.") c = comments.Comment(comment=new_comment) c.save() request.session['has_commented'] = True return HttpResponse('Thanks for your comment!')

This simplified view is registered in the "member" of the site:

 def login(request): m = Member.objects.get(username=request.POST['username']) if m.password == request.POST['password']: request.session['member_id'] = m.id return HttpResponse("You're logged in.") else: return HttpResponse("Your username and password didn't match.")
+4
source share

It smells of over-optimization. Getting a user from db is one click on a request, or maybe two if you are using a profile model. If your site is such that the additional two queries are important for performance, you may have big problems.

+5
source share

After proper caching, the number of database calls should be significantly reduced - again, Iโ€™m not really a caching specialist. I think it would be a bad idea to modify request.user to solve your problem. I think the best solution would be to create some utility, method or user template tag that tries to load your user data from a cookie and return the result. If user data is not found in the cookie, you need to request.user, save the data in a cookie and then return the result. You could use the post_save signal to check for user data changes so you can update the cookie as needed.

+1
source share

The user attaches to the request object using the middleware authentication provided by django (django.contrib.auth.middleware). It uses the get_user function in django.contrib.auth. init to get the user from the backend that you are using. You can easily change this function to search for a user elsewhere (e.g. cookie).

When the user is logged in, django places the user ID in the session (request.session [SESSION_KEY] = user.id). When a user logs out, he removes the user ID from the session. You can override these login and logout functions to also save the user object in the cookie cookie / delete the user object from the cookie in the browser. Both of these functions are also in the django.contrib.auth file. init

See here for setting cookies: Django Cookies, how can I set them?

+1
source share

More articles:


All Articles