May 4, 2020
What is a Middleware?
I came across the word ‘middleware’ while working with Django framework. The other time I came across it was in my graduate class, Mobile Computing, where there was a brief talk on energy optimization.
Well, I knew this ‘*ware’ was not the type of ware I had heard of — silverware, glassware, chinaware, tupperware. Hence, let’s figure out what’s this middleware?
Middleware is a software that lies between an operating system and the application running on it. It provides common services and capabilities to applications outside of what’s offered by the operating system. For example, data management, messaging, authentication, and API management are all commonly handled by middleware. It’s also know as ‘plumbing’ as it connects two different applications together so that data data can be easily passed between the ‘pipe’. To enable communication between different applications, middleware utilizes different communication frameworks such as REST, JSON.
Let’s read one of the middleware service of Django called SessionMiddleware .
In the Django framework’s settings.py file, there’s a list of middleware. One of the default middleware is django.contrib.sessions.middleware.SessionMiddleware which manages a user information on the server that is associated with a cookie information. It uses django.contrib.sessions app to store session data in a database.
A small refresher for internet cookie 🍪 and session. A cookie is a bit of data stored by a browser and sent to server in every HTTP Request. While a session is a collection of data stored on a server associated with a given user usually through cookie’s value.
Let’s see this mechanism with the SessionMiddleware source codebase.
- The
SessionMiddlewareclass is initialized with attributes ofget_responseHttpResponse object,enginemodule,SessionStoreclass got from theengine. By default, in DjangoSESSION_ENGINEis database backed. process_requestchecks if there’s a cookie namedsessionidinrequest.COOKIESdictionary.sessionidis a default value forsettings.SESSION_COOKIE_NAME.requestobject’ssessionattribute is assignedSessionStoreobject , that was initialized in the class, with or withoutsession_key.process_responsechecks if we need to create, update or delete cookie with all possible scenarios based on whetherSessionStoreis empty;sessionidhas already been accessed; orSessionStorehas been modified.
If you are familiar with Django’s MVT Pattern, process_request happens before entering into View part, and process_response after the View. So, SessionMiddleware is called before and after the View.
Let’s illustrate a use case of this middleware with sign-in and sign-out feature. We can think that our application is an e-commerce site and our user is putting items on a shopping cart.
If you are successfully logged in, you can now have a shopping cart persistent with customer’s item across different pages as s/he navigates the e-commerce site. See session value has allowed client and server to maintain ‘state’, i.e, server knows which web browser is calling me so that the server can provide accurate data accordingly. SessionMiddleware also provides some handy-dandy methods such as set_expiry_date , get_expiry_date of a session for safe transaction.
Of course, we want to make sure this critical piece of information is removed once a customer logs out. For that we can delete the session customer_id value, like this:
That’s it! 🍦
Let’s recap on what’s a software Middleware? It’s a software between your application and operating system. It does heavy lifting tasks which are repetitive in nature. We access it’s functionality through API. Hence, it makes our development efficient, faster and secure.
That’s all for this week. I hope the article helped you in understanding middleware.
My next article most probably will be on CPE — Customer Premise Equipment in networking! Something goes on a line ‘what is a difference between a switch and a router; how a send button on email delivers my hello, etc’ . See you then.
Thank you for reading.
References:
