Closed Bug 881926 Opened 11 years ago Closed 10 years ago

Requests to API should not trigger session middleware

Categories

(Marketplace Graveyard :: API, defect, P4)

Product:
Marketplace Graveyard
Component:
API
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 987932

People

(Reporter: ashort, Unassigned)

References

Details

(Whiteboard: [repoman]) 

Right now requests to API URLs are still handled by django.contrib.auth middleware which results in user lookup being done for session cookies if they exist. (request.user is initialized as a lazy object there but commonware.log has middleware that looks up the username for logging, so it's always accessed.)

Since the API doesn't use session auth, we should find a way to skip this to avoid a useless DB hit.
Priority: -- → P5
Blocks: 926640
Severity: enhancement → normal
Priority: P5 → P4
Whiteboard: [repoman]
Fixed by https://github.com/mozilla/zamboni/commit/cd15e17284187212f70a34edff6544ddb699e8d0.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.