What is a Middleware?
I came across the word ‘middleware’ while working with Django framework. The other time I came across it was in my graduate class, Mobile Computing, where there was a brief talk on energy optimization.
Well, I knew this ‘*ware’ was not the type of ware I had heard of — silverware, glassware, chinaware, tupperware. Hence, let’s figure out what’s this middleware?
Middleware is a software that lies between an operating system and the application running on it. It provides common services and capabilities to applications outside of what’s offered by the operating system. For example, data management, messaging, authentication, and API management are all commonly handled by middleware. It’s also know as ‘plumbing’ as it connects two different applications together so that data data can be easily passed between the ‘pipe’. To enable communication between different applications, middleware utilizes different communication frameworks such as REST, JSON.
Let’s read one of the middleware service of Django called SessionMiddleware
.
In the Django framework’s settings.py
file, there’s a list of middleware. One of the default middleware is django.contrib.sessions.middleware.SessionMiddleware
which manages a user information on the server that is associated with a cookie information. It uses django.contrib.sessions
app to store session data in a database.
A small refresher for internet cookie 🍪 and session. A cookie is a bit of data stored by a browser and sent to server in every HTTP Request. While a session is a collection of data stored on a server associated with a given user usually through cookie’s value.
Let’s see this mechanism with the SessionMiddleware
source codebase.
- The
SessionMiddleware
class is initialized with attributes ofget_response
HttpResponse object,engine
module,SessionStore
class got from theengine
. By default, in DjangoSESSION_ENGINE
is database backed. process_request
checks if there’s a cookie namedsessionid
inrequest.COOKIES
dictionary.sessionid
is a default value forsettings.SESSION_COOKIE_NAME
.request
object’ssession
attribute is assignedSessionStore
object , that was initialized in the class, with or withoutsession_key
.process_response
checks if we need to create, update or delete cookie with all possible scenarios based on whetherSessionStore
is empty;sessionid
has already been accessed; orSessionStore
has been modified.
If you are familiar with Django’s MVT Pattern, process_request
happens before entering into View part, and process_response
after the View. So, SessionMiddleware
is called before and after the View.
Let’s illustrate a use case of this middleware with sign-in and sign-out feature. We can think that our application is an e-commerce site and our user is putting items on a shopping cart.
If you are successfully logged in, you can now have a shopping cart persistent with customer’s item across different pages as s/he navigates the e-commerce site. See session value has allowed client and server to maintain ‘state’, i.e, server knows which web browser is calling me so that the server can provide accurate data accordingly. SessionMiddleware
also provides some handy-dandy methods such as set_expiry_date
, get_expiry_date
of a session for safe transaction.
Of course, we want to make sure this critical piece of information is removed once a customer logs out. For that we can delete the session customer_id
value, like this:
That’s it! 🍦
Let’s recap on what’s a software Middleware? It’s a software between your application and operating system. It does heavy lifting tasks which are repetitive in nature. We access it’s functionality through API. Hence, it makes our development efficient, faster and secure.
That’s all for this week. I hope the article helped you in understanding middleware.
My next article most probably will be on CPE — Customer Premise Equipment in networking! Something goes on a line ‘what is a difference between a switch and a router; how a send button on email delivers my hello, etc’ . See you then.
Thank you for reading.
References: