Django
Middleware
Request/response pipeline and custom middleware
Middleware
Middleware processes every request/response—security, sessions, CSRF, auth.
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
]
# tasks/middleware.py (example)
import time
from django.utils.deprecation import MiddlewareMixin
class RequestTimingMiddleware(MiddlewareMixin):
def process_request(self, request):
request._start = time.perf_counter()
def process_response(self, request, response):
if hasattr(request, "_start"):
ms = (time.perf_counter() - request._start) * 1000
response["X-Request-Time-ms"] = f"{ms:.1f}"
return response