Challenge - 5 Problems

🎖️

Authentication Middleware Master

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ component_behavior

intermediate

2:00remaining

What does this Django authentication middleware do?

Consider this Django middleware snippet that checks user authentication status. What will be the behavior when an unauthenticated user accesses a protected view?

Django

class SimpleAuthMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if not request.user.is_authenticated:
            from django.http import HttpResponseForbidden
            return HttpResponseForbidden('Access denied')
        response = self.get_response(request)
        return response

AThe middleware redirects unauthenticated users to the login page automatically.

BThe middleware blocks unauthenticated users by returning a 403 Forbidden response.

CThe middleware allows all users to access the view without restriction.

DThe middleware raises an exception if the user is not authenticated.

Attempts:

2 left

📝 Syntax

intermediate

2:00remaining

Identify the syntax error in this Django middleware snippet

Which option correctly fixes the syntax error in this middleware code?

Django

class AuthCheckMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if not request.user.is_authenticated:
            from django.http import HttpResponseRedirect
            return HttpResponseRedirect('/login/')
        return self.get_response(request)

AAdd a colon at the end of the if statement line.

BIndent the import statement one level less.

CReplace __call__ with process_request method.

DRemove the return statement inside the if block.

Attempts:

2 left

❓ state_output

advanced

2:00remaining

What is the value of request.user after this middleware runs?

Given this middleware that modifies the request user attribute, what will be the value of request.user in the view after middleware processing?

Django

class FakeUserMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        class FakeUser:
            is_authenticated = True
            username = 'guest'
        request.user = FakeUser()
        response = self.get_response(request)
        return response

AAn object with is_authenticated True and username 'guest'.

BThe original user object from the request.

CNone, because request.user is deleted.

DA string 'guest' instead of a user object.

Attempts:

2 left

🔧 Debug

advanced

2:00remaining

Why does this authentication middleware cause a server error?

This middleware is intended to block unauthenticated users but causes a server error. What is the cause?

Django

class AuthMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if not request.user.is_authenticated:
            return redirect('/login/')
        return self.get_response(request)

Arequest.user.is_authenticated is not a valid attribute.

BThe middleware should use HttpResponseRedirect instead of redirect.

CMiddleware must not return a response directly.

DThe redirect function is not imported, causing a NameError.

Attempts:

2 left

🧠 Conceptual

expert

2:00remaining

Which statement best describes Django authentication middleware behavior?

Select the most accurate description of how Django's built-in AuthenticationMiddleware works.

AIt encrypts user credentials on every request to enhance security.

BIt automatically redirects unauthenticated users to the login page for all views.

CIt attaches a user object to every request, representing the currently logged-in user or an anonymous user if not logged in.

DIt replaces the session middleware and manages sessions internally.

Attempts:

2 left