SessionId inside the cookie header slows down request (Django)

I'm learning how to use django sessions and caching. I noticed that once I login, a sessionId is included in the cookie header. I'm using the "@authentication_classes" and "@permission_classes" decorators to validate the session. I'm also using Redis to cache the session, since I dont want to hit the DB everytime. I followed the docs for the django and redis server setup. Once the user log in, the session is written in the cache. The problem is that, even tho the session is inside the cache, the database is hit with each request and it slows down the response time to around 300ms.

This is the api I'm using for testing. It does nothing, but it takes 300 ms and it does hit the DB each time I call it. I'm using "never_cache" because I dont want the entire response to be cached.

@api_view(["GET"]) 
@authentication_classes ([SessionAuthentication]) 
@permission_classes([IsAuthenticated]) 
@never_cache
def test(request, username):
    return JsonResponse("", safe=False)

this is the request I'm making: request

If I remove the session autentication decorators, a SessionId is not required anymore to access the api, but the DB is still hit and the response still takes 300ms (there is still the sessionID token inside the cookie header).

@api_view(\["GET"\])
@never_cache
def test(request, username):
return JsonResponse("", safe=False)

Now, if I remove the sessionId from the cookie header the DB is not hit anymore and the response only takes 20ms. request2

I also tried creating a new header called "sessionId" and passing the sessionId, the request is still fast, but the django decorators are not able anymore to validate the session.

This is the key in the redis server: redis

Those are my middleware and cache settings in the setting.py file: settings

I really don't understand what I'm doing wrong. Any tips / suggestion is welcomed. Thank you for your time and patience.

Back to Top