Request Lifecycle¶
This page describes how a request moves through OpenSESA from routing to response generation.
High-Level Flow¶
flowchart LR
A[Incoming Request] --> B[URL Router]
B --> C[Middleware Chain]
C --> D[Domain View]
D --> E[Domain Service or ORM]
E --> F[Template or JSON Response]Middleware Sequence¶
flowchart TD
A[SecurityMiddleware] --> B[Custom SecurityHeadersMiddleware]
B --> C[SessionMiddleware]
C --> D[CsrfViewMiddleware]
D --> E[AuthenticationMiddleware]
E --> F[AccountMiddleware]
F --> G[MFARequiredMiddleware]
G --> H[LoginRequiredMiddleware]
H --> I[HtmxMiddleware]View Execution Pattern¶
- Request is routed to module URL config.
- View resolves project context and permission scope.
- Business logic executes through models or service helpers.
- Response is rendered (HTML) or serialized (JSON/API endpoint).
Rendering and Context¶
- Template responses are enriched through shared context processors.
- Domain views should keep orchestration thin and delegate reusable logic.
- HTMX-enhanced paths should preserve equivalent non-HTMX behavior.
Failure Points to Watch¶
| Layer | Typical Failure | Mitigation |
|---|---|---|
| Middleware | Auth/session ordering problems | Validate middleware chain after auth changes |
| View | Missing project scoping | Enforce scope checks at entry points |
| ORM | Expensive query patterns | Use select_related and prefetch_related |
| Template | Missing context assumptions | Add defensive template checks and tests |
Performance note
Prefer prefetch/select-related optimizations in list/detail views where cross-model data is shown.