Djangoframework~30 mins

Built-in middleware overview in Django - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Built-in Middleware Overview in Django

📖 Scenario: You are building a simple Django project to understand how built-in middleware works. Middleware helps process requests and responses in a Django app, like a helpful assistant checking or modifying data as it passes through.

🎯 Goal: Create a Django settings file snippet that sets up a list of built-in middleware classes. Then add a custom setting to control middleware behavior, apply the middleware list in the settings, and finally complete the settings with the required Django configuration.

📋 What You'll Learn

Create a list variable called MIDDLEWARE with specific built-in middleware classes

Add a boolean variable called USE_SECURITY_MIDDLEWARE set to True

Use an if statement to conditionally add 'django.middleware.security.SecurityMiddleware' to MIDDLEWARE

Complete the settings by adding ROOT_URLCONF with value 'myproject.urls'

💡 Why This Matters

🌍 Real World

Middleware is used in real Django projects to handle security, sessions, CSRF protection, and more automatically for every web request.

💼 Career

Understanding middleware setup is essential for Django developers to configure and customize request processing pipelines in professional web applications.

Progress0 / 4 steps

Create the initial middleware list

Create a list called MIDDLEWARE with these exact strings in order: 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware'

Django

# Create the MIDDLEWARE list with three built-in middleware classes
# Your code here

Need a hint?

Use square brackets [] to create a list and put each middleware string inside quotes separated by commas.

Add a configuration variable

Add a boolean variable called USE_SECURITY_MIDDLEWARE and set it to True

Django

MIDDLEWARE = [
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
# Add USE_SECURITY_MIDDLEWARE variable below
# Your code here

Need a hint?

Write the variable name exactly as USE_SECURITY_MIDDLEWARE and assign it the value True.

Conditionally add SecurityMiddleware

Write an if statement that checks if USE_SECURITY_MIDDLEWARE is True. Inside it, add 'django.middleware.security.SecurityMiddleware' to the start of the MIDDLEWARE list using insert(0, ...)

Django

MIDDLEWARE = [
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

USE_SECURITY_MIDDLEWARE = True
# Add if statement to insert SecurityMiddleware
# Your code here

Need a hint?

Use if USE_SECURITY_MIDDLEWARE: and then call MIDDLEWARE.insert(0, 'django.middleware.security.SecurityMiddleware') inside the block.

Complete settings with ROOT_URLCONF

Add a variable called ROOT_URLCONF and set it to the string 'myproject.urls'

Django

MIDDLEWARE = [
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

USE_SECURITY_MIDDLEWARE = True

if USE_SECURITY_MIDDLEWARE:
    MIDDLEWARE.insert(0, 'django.middleware.security.SecurityMiddleware')
# Add ROOT_URLCONF variable below
# Your code here

Need a hint?

Write ROOT_URLCONF = 'myproject.urls' exactly as shown.