Django filer might be usefull
http://django-filer.readthedocs.org/en/latest/secure_downloads.html
Am 26.09.13 03:24, schrieb m1chael:
http://django-filer.readthedocs.org/en/latest/secure_downloads.html
Am 26.09.13 03:24, schrieb m1chael:
I think Xsendfile is what you want
On Wed, Sep 25, 2013 at 12:51 PM, Mattias Linnap <mattias@linnap.com> wrote:
> Are there any obvious solutions that I have over looked? Or am I stuck having to use django to serve the files?
Depending on the security that you aim to achieve, one option would be to add a custom file storage implementation that overrides https://github.com/django/django/blob/master/django/core/files/storage.py#L63 to give all uploads randomly generated filenames - and therefore unguessable URLs. In addition, Apache can be configured to redirect any accesses to non-existing files in the media directory to a login page.
Only the original uploading user would know the URL, and be able to access the file. However, this approach would still allow the user to share a direct link to the file to other people.
Mattias
No comments:
Post a Comment