Middleware introduction

Last reviewed May 28, 2026 Content v20260528

Track mode: server_script
Means: Server runner
Reading: ~1 min
Level: advanced

This lesson

An orientation to the Django track—how the server playground works, core vocabulary, and what you will practice next.

You need a clear map of the Django track so MVT, the ORM, and project layout do not feel like magic.

You will apply Middleware introduction in contexts like: SaaS dashboards, CMS-style products, internal tools, and APIs paired with React or mobile clients.

Write Python 3 in the editor and click Run on server—the dev runner executes your script; Django framework lessons also use local startproject for full MVT (LEARNING_RUNNER_ENABLED=true). Also read the interview prep blocks.

After HTML fundamentals and basic programming concepts—before or alongside SQL.

Middleware hooks into Django's request/response cycle—processing every request before it reaches a view and every response on the way out. Security, sessions, CSRF, and authentication rely on middleware.

Request/response flow

Request enters middleware stack (top to bottom in MIDDLEWARE setting)
URL resolver finds the view
View returns HttpResponse
Response passes back through middleware (bottom to top)

Built-in examples

SecurityMiddleware — security headers, HTTPS redirect
SessionMiddleware — attaches session to request
AuthenticationMiddleware — sets request.user
CorsMiddleware — third-party, for API CORS headers

Important interview questions and answers

Q: Middleware order matters?
A: Yes—AuthenticationMiddleware must run after SessionMiddleware; CSRF before views that accept POST.
Q: Custom middleware use cases?
A: Request logging, tenant detection, maintenance mode, adding headers.
Q: process_view hook?
A: Runs after URL resolve, before view—can short-circuit with a response.

Self-check

Which middleware sets request.user?
Why does MIDDLEWARE order matter?

Tip: SessionMiddleware must appear before AuthenticationMiddleware in MIDDLEWARE—order is not alphabetical, it is dependency order.

Interview prep

Middleware order?: Order matters—SessionMiddleware before AuthenticationMiddleware; CSRF before views accepting POST.

Interview tip Lesson completion confidence

Can you explain this lesson in 30 seconds without reading notes?

Self-reflection (saved on this device)

Not saved yet.

Playground

Runs on the configured server runner (dev: npm run runner with LEARNING_RUNNER_ENABLED=true). Output appears below the editor.

Code runner not available

Server runner is disabled. Set LEARNING_RUNNER_ENABLED=true and LEARNING_RUNNER_URL in .env (see .env.example).

Check yourself

Multiple choice — immediate feedback.

Discussion

Past discussion is visible to everyone. Only logged-in users can post comments and replies.

Starter discussion topics

Middleware order?
Custom middleware use?

No discussion yet. Be the first to ask a question.