I've recently implemented sitewide caching using memcached on my Django application. I've set the TTL to about 500 seconds, and implemented per-view caches on other parts of the web application.

The problem I have is that when a user logs out, because it's a form post, the site behaves as expected; however, if they then go to a password-protected part of the site, the application behaves as if they are still logged in, unless they hit "refresh". I'm new to caching, and wondering if I can do anything smart to prevent this?

+1  A: 

In the view of a password protected part of the site, do you check whether the user is registered or anonymous before fetching the data (and perhaps bringing data from cache)?

You should. Django helps you, with a login required decorator you can place on the view. Take a look at this: http://docs.djangoproject.com/en/dev/topics/auth/#the-login-required-decorator

OmerGertel
Yes, I do that; everything has a login required decorator. The problem is the login state is cached.
Tristan
But it does clear if you hit "refresh".
Tristan
+3  A: 

I ran into similar issues. The standard Django way is to disable cache for authenticated users.

#settings.py
CACHE_MIDDLEWARE_ANONYMOUS_ONLY=True

It works fine if different users see different pages (example: their user name on them) and you can't have one version for them.

But if there are only 2 versions of the page, one for authenticated users and one for others, then it is not good to completely disable the cache for authenticated users. I wrote an app that, among other things, makes it possible to fine-tune the cache in this case.

Update.

BTW: you mentioned that when you click 'refresh' the correct version of the page is received. It means that the problem is the client-side cache (Expires header or ETag), not the server cache.

To prevent client-side caching (you have to do that if you have several versions of a page under the same URL), use the @cache_control(must_revalidate=True) decorator.

Mike Korobov
Out of curiosity, does your app work if I have 3 versions rather than two? (Anonymous, Authenticated, Staff)?
R. Bemrose
Yes. It can be used to have different versions of pages based on anything in request. This means that you can have per-user cached pages or pages cached by user's attribute or pages cached by cookies.
Mike Korobov
.. or pages cached by GET parameters
Mike Korobov
This looks really interesting, thanks Mike, that's given me lots to look into.
Tristan
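
Added example (not from the thread and not Django code): a stdlib-only Python check of whether a browser may replay a stored copy of a login-protected page without contacting the server, which is the "correct only after refresh" symptom in the question. The header strings are constructed samples and the function names are hypothetical; freshness is modelled from `max-age` only (RFC 9111), with `Expires` and heuristic freshness left out.

```python
def parse_cache_control(value):
    """Parse a Cache-Control header into {directive: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"') or None
    return directives

def _has(d, name):
    """Directive present in its unqualified form (no field-name argument)."""
    return name in d and d[name] is None

def browser_may_reuse(cache_control, age_seconds):
    """True if a browser cache may serve the stored response at this age
    without revalidating, so login_required never runs for that request."""
    d = parse_cache_control(cache_control)
    if _has(d, "no-store") or _has(d, "no-cache"):
        return False  # never stored, or always revalidated first
    max_age = d.get("max-age")
    if max_age is None or not max_age.isdigit():
        return False  # Expires/heuristic freshness not modelled here
    # must-revalidate only takes effect once stale; a fresh copy is reused.
    return age_seconds < int(max_age)

def shared_cache_may_store(cache_control):
    """True if a proxy/CDN may keep a copy that another user could receive."""
    d = parse_cache_control(cache_control)
    return not (_has(d, "no-store") or _has(d, "private"))

# Constructed sample headers for a protected page (TTL 500 s as in the question).
SAMPLES = {
    "ttl_only": "max-age=500",
    "must_revalidate": "max-age=500, must-revalidate",
    "revalidate_now": "max-age=0, must-revalidate",
    "private_no_cache": "private, no-cache",
    "no_store": "no-store",
}

def audit(samples, seconds_since_fetch):
    """Map each sample to (browser_may_reuse, shared_cache_may_store)."""
    return {name: (browser_may_reuse(cc, seconds_since_fetch),
                   shared_cache_may_store(cc))
            for name, cc in samples.items()}

if __name__ == "__main__":
    for name, result in audit(SAMPLES, 60).items():
        print(f"{name:18} reuse_after_60s={result[0]} shared_store={result[1]}")
```

Running the same check against the real response headers of a protected view (for example from `curl -I` output) shows whether a logout can be masked by the browser's copy for the remainder of the TTL.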