On my Django app I use a multi-tenant approach with isolated databases. It works well but because it relies on subdomains for each tenant, which is not scalable, I'm trying to change that. To achieve this functionality I'm trying to use middlewares and sessions to retrieve the tenant from the username and use it to set a local variable for the database routers. The logic is this:
If the user is not logged, the BeforeLoginMiddleware activates and retrieves the tenant name from the user. So username@tenant1 will set tenant1 to the session. Here's the code:
import threading
from users.forms import LoginForm
Thread_Local = threading.local()
class BeforeLoginMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
if request.path == '/login/':
form = LoginForm(request.POST)
if form.is_valid():
complete_username = form.cleaned_data.get('username')
current_db = complete_username.split('@')[1]
request.session['current_db'] = current_db
request.session.modified = True
response = self.get_response(request)
return response
If the user is already logged, a second middleware will retrieve the tenant data from the session and use it to define the Thread_Local variable that is called on a function used on the database routers:
class AppMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
current_db = request.session.get('current_db')
setattr(Thread_Local, 'current_db', current_db)
response = self.get_response(request)
return response
def get_current_db_name():
return getattr(Thread_Local, 'current_db', None)
Here's the routers.py file:
class AppRouter:
def db_for_read(self, model, **hints):
return get_current_db_name()
def db_for_write(self, model, **hints):
return get_current_db_name()
def allow_relation(self, *args, **kwargs):
return True
def allow_syncdb(self, *args, **kwargs):
return None
def allow_migrate(self, *args, **kwargs):
return None
This is the middleware setting on my app:
MIDDLEWARE = [
'debug_toolbar.middleware.DebugToolbarMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'myapp.middleware.BeforeLoginMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'myapp.middleware.AppMiddleware',
]
This works as expected but at random (or at least it appear to be at random) it loses connection with the database and I assume that, since it can't retrieve the session data, redirects the user to the login page again (I'm also using the login_required decorator). Sometimes I can navigate to several different pages and everything is fine and then it disconnects. Other times it disconnects when navigating to the first page after the homepage, after login. This also occurs if the page is idle for about 1 minute, which makes no sense because my SESSION_COOKIE_AGE setting is 1200.
Thing is, I have no idea what is causing this because there are no errors. The only thing I've noticed that is consistent when this happens, it's a 302 status registered in the network tab on the browser (which is the redirect to the login page) and the message Broken pipe from ('127.0.0.1', 61980) in the terminal with this random code at the end.
What I've tried so far, without any change in the behavior described above:
I'm honestly running out of options, so I appreciate any help or advice.
Answering this in case it helps someone else:
I’m not entirely sure that this was the issue, but I think that relying on sessions to check for login data was unreliable. I mean, if the connection with the server was cut, even momentarily, the db couldn’t be reached, so the user was logged out. So my solution was to keep the tenant definition using the URL but instead of having different subdomains, i have different URL suffixes, like this:
mysite.com/tenant1
mysite.com/tenant2
That meant a lot of refactoring. The current middleware looks like this:
class MyMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
full_path = request.path
tenant = full_path.split('/')[1]
tenants_dict = dict(Tenants.objects.values_list('alias', 'database',))
current_db = tenants_dict.get(tenant)
setattr(threading_file.Thread_Local, 'current_db', current_db)
request.tenant_name = tenant
response = self.get_response(request)
return response
And i had to add the suffix on all the URLs, views, redirects and templates:
path('<str:tenant_name>/page/', views.page, name='page'),
def page(request, tenant_name):
# view code
redirect('other_page', tenant_name)
<a href="{% url 'page' request.tenant_name %}">Link name</a>
Like I said, it was a lot of work, but in my case it was totally worth it to not deal with subdomains anymore.