Stop creating an empty session on first request

src/pretix/helpers/safedownload.py

@@ -4,6 +4,8 @@ from django.core.signing import BadSignature, TimestampSigner
 
 
 def get_token(request, answer):
+    if not request.session.session_key:
+        request.session.create()
     payload = '{}:{}'.format(request.session.session_key, answer.pk)
     signer = TimestampSigner()
     return signer.sign(hashlib.sha1(payload.encode()).hexdigest())

src/pretix/multidomain/middlewares.py

@@ -79,14 +79,6 @@ class SessionMiddleware(BaseSessionMiddleware):
     a custom domain.
     """
 
-    def process_request(self, request):
-        super().process_request(request)
-
-        if not request.session.session_key:
-            # We need to create session even if we do not yet store something there, because we need the session
-            # key for e.g. saving the user's cart
-            request.session.create()
-
     def process_response(self, request, response):
         try:
             accessed = request.session.accessed