Djangoframework~30 mins

Authentication middleware in Django - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Authentication middleware

📖 Scenario: You are building a Django web application that needs to check if a user is authenticated before allowing access to certain views. You will create a simple authentication middleware that checks if the user is logged in and redirects them if not.

🎯 Goal: Create a Django middleware class named SimpleAuthMiddleware that checks if the user is authenticated. If the user is not authenticated, redirect them to the login page. Otherwise, allow the request to continue.

📋 What You'll Learn

Create a middleware class named SimpleAuthMiddleware

Check if the user is authenticated using request.user.is_authenticated

Redirect unauthenticated users to /login/

Allow authenticated users to continue processing the request

Add the middleware to Django's MIDDLEWARE list

💡 Why This Matters

🌍 Real World

Authentication middleware is used in real web applications to protect pages and resources from unauthorized access, ensuring only logged-in users can see certain content.

💼 Career

Understanding how to write and configure middleware is important for backend developers working with Django to implement security and request processing logic.

Progress0 / 4 steps

Create the middleware class skeleton

Create a Python class named SimpleAuthMiddleware with an __init__ method that takes get_response as a parameter and stores it as an instance variable.

Django

class SimpleAuthMiddleware:
    def __init__(self, get_response):
        # Your code here

Need a hint?

Remember, the middleware class needs an __init__ method that saves the get_response callable.

Add the __call__ method to process requests

Add a __call__ method to SimpleAuthMiddleware that takes request as a parameter and stores the result of calling self.get_response(request) in a variable named response.

Django

class SimpleAuthMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # Your code here

Need a hint?

The __call__ method must call self.get_response(request) and return the response.

Check if user is authenticated and redirect if not

Inside the __call__ method, before calling self.get_response(request), check if request.user.is_authenticated is False. If so, import HttpResponseRedirect from django.http and return HttpResponseRedirect('/login/'). Otherwise, continue to call self.get_response(request).

Django

from django.http import HttpResponseRedirect

class SimpleAuthMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        # Your code here

Need a hint?

Use if not request.user.is_authenticated: to check authentication and return a redirect response.

Add the middleware to Django settings

In your Django settings.py file, add the string 'path.to.SimpleAuthMiddleware' to the MIDDLEWARE list. Replace path.to with the actual Python import path where SimpleAuthMiddleware is defined.

Django

# In settings.py
MIDDLEWARE = [
    # existing middleware entries
    # Your code here
]

Need a hint?

Insert the middleware class path as a string inside the MIDDLEWARE list in settings.py.