I don't understand this design at all.
This statement particularly is a problem:
"This is to make sure people have a hard time tricking the permission checking." Impossible to trick permission checking is better.
Basically anything that needs permission checking per user cannot be cached.
Caching at a proxy server and private applications don't work together.
It works great for publicly accessible content.