3 | | As a side note, probably not possible with just middleware, but it would be nice if the session authentication check was done the first time `get_user(request)` is called, instead of every request, as it creates unnecessary session and user queries on pages where user is not used. It would be nice if there were a way to override the `get_user(request)` logic to put this check there. That would remove the requirement have a database before using a runserver for the first time. |
| 3 | As a side note, probably not possible with just middleware, but it would be nice if the session authentication check was done the first time `get_user(request)` is called, instead of every request, as it creates unnecessary session and user queries on pages where user is not used. It would be nice if there were a way to override the `get_user(request)` logic to put this check there. That would remove the requirement to have a database before using a runserver for the first time. |
| 4 | |
| 5 | An alternative could be to enable signed_cookies by default, as that would also remove the database requirement. |