From 43c4cd281c11b3cc80a3980e1a7e3192c0c6d46e Mon Sep 17 00:00:00 2001 From: Jaap Joris Vens Date: Sat, 12 Sep 2020 15:13:02 +0200 Subject: [PATCH] Custom cache middleware that doesn't serve cached pages to logged-in users. The hard problem of detecting whether a user is logged in is simply sidestepped by assuming that any user that sends the `sessionid` cookie is logged in. This is true as long as you don't save session variables on anonymous users (i.e. if you don't spy on them ;) --- cms/middleware.py | 11 +++++++++++ setup.py | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/cms/middleware.py b/cms/middleware.py index 867a662..64d4716 100644 --- a/cms/middleware.py +++ b/cms/middleware.py @@ -1,6 +1,7 @@ import os from sass import compile from django.conf import settings +from django.middleware import cache def locate(filename): for path, dirs, files in os.walk(os.getcwd(), followlinks=True): @@ -8,6 +9,16 @@ def locate(filename): if f == filename: yield os.path.join(path, filename) +class FetchFromCacheMiddleware(cache.FetchFromCacheMiddleware): + '''Minor change to the original middleware that prevents caching of + requests that have a `sessionid` cookie. This should be the + Django default, IMHO. + + ''' + def process_request(self, request): + if 'sessionid' not in request.COOKIES: + return super().process_request(request) + class SassMiddleware: '''Simple SASS middleware that intercepts requests for .css files and tries to compile the corresponding SCSS file. diff --git a/setup.py b/setup.py index 36a4081..ddc5ec3 100755 --- a/setup.py +++ b/setup.py @@ -3,7 +3,7 @@ from setuptools import setup, find_packages setup( name = 'django-simplecms', - version = '1.0.1', + version = '1.0.2', url = 'https://github.com/rtts/django-simplecms', author = 'Jaap Joris Vens', author_email = 'jj@rtts.eu',