diff --git a/django/middleware/cache.py b/django/middleware/cache.py index 80c8626db8..00b81838ec 100644 --- a/django/middleware/cache.py +++ b/django/middleware/cache.py @@ -10,6 +10,11 @@ class CacheMiddleware(object): Only parameter-less GET or HEAD-requests with status code 200 are cached. + If CACHE_MIDDLEWARE_ANONYMOUS_ONLY is set to True, only anonymous requests + (i.e. those node made by a logged in user) will be cached. This is a + simple and effective way of avoiding the caching of the Django admin (and + any other user-specific content). + This middleware expects that a HEAD request is answered with a response exactly like the corresponding GET request. @@ -23,13 +28,17 @@ class CacheMiddleware(object): This middleware also sets ETag, Last-Modified, Expires and Cache-Control headers on the response object. """ - def __init__(self, cache_timeout=None, key_prefix=None): + def __init__(self, cache_timeout=None, key_prefix=None, cache_anonymous_only=None): self.cache_timeout = cache_timeout if cache_timeout is None: self.cache_timeout = settings.CACHE_MIDDLEWARE_SECONDS self.key_prefix = key_prefix if key_prefix is None: self.key_prefix = settings.CACHE_MIDDLEWARE_KEY_PREFIX + if cache_anonymous is None: + self.cache_anonymous_only = settings.get('CACHE_MIDDLEWARE_ANONYMOUS_ONLY', False) + else: + self.cache_anonymous_only = cache_anonymous_only def process_request(self, request): "Checks whether the page is already cached and returns the cached version if available." @@ -37,6 +46,10 @@ class CacheMiddleware(object): request._cache_update_cache = False return None # Don't bother checking the cache. + if self.cache_anonymous_only and request.user.is_authenticated(): + request._cache_update_cache = False + return None # Don't cache requests from authenticated users. + cache_key = get_cache_key(request, self.key_prefix) if cache_key is None: request._cache_update_cache = True diff --git a/docs/cache.txt b/docs/cache.txt index 2ef3d6503f..5efa2649ae 100644 --- a/docs/cache.txt +++ b/docs/cache.txt @@ -230,7 +230,12 @@ Then, add the following required settings to your Django settings file: collisions. Use an empty string if you don't care. The cache middleware caches every page that doesn't have GET or POST -parameters. Additionally, ``CacheMiddleware`` automatically sets a few headers +parameters. Optionally, If the ``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting is +``True``, only anonymous requests (i.e. those node made by a logged in user) +will be cached. This is a simple and effective way of disabling caching on any +user-specific content ( include Django's admin interface). + +Additionally, ``CacheMiddleware`` automatically sets a few headers in each ``HttpResponse``: * Sets the ``Last-Modified`` header to the current date/time when a fresh diff --git a/docs/faq.txt b/docs/faq.txt index b374abfbf3..ccf8906c41 100644 --- a/docs/faq.txt +++ b/docs/faq.txt @@ -535,6 +535,14 @@ If you're sure your username and password are correct, make sure your user account has ``is_active`` and ``is_staff`` set to True. The admin site only allows access to users with those two fields both set to True. +How can I prevent the cache middleware from caching the admin site? +------------------------------------------------------------------- + +Set the ``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting to ``True``. See the +`cache documentation`_ for more information. + +.. _cache documentation: ../cache/#the-per-site-cache + How do I automatically set a field's value to the user who last edited the object in the admin? -----------------------------------------------------------------------------------------------