Django: Password protects url's photo?

Question

Django: Password protects url's photo?

From my Django app, I want to serve secure photos. Photos are not intended for public consumption, I want users to be able to view them. I don’t want to rely on obfuscation of the id of the file (giving a photo of the UUID of a long number) and count on the fact that it is hidden in my media folder. How can I safely store a photograph on disk in my database and transfer it only to an authenticated session?

+3

django django-models

Miken Apr 30 '10 at 19:18

source share

3 answers

istruble · Answer 1 · 2010-04-30T22:07:23+0000

Use the X-Sendfile headers to tell your server that which file the server really is.

@check_permissions
def image(request):
    response = HttpResponse(mimetype='image/png')    
    response['X-Sendfile'] = "/real/path/to/image.png"
    return response

. , , Satchmo LoadableProduct.

, nginx lighttpd X-Accel-Redirect X-LIGHTTPD-send-file X-Sendfile.

Debilski · Answer 2 · 2010-04-30T19:41:30+0000

, HttpResponse mime , / .

:

from django.http import HttpResponse

@your_favourite_permission_decorator
def image(request):
    response = HttpResponse(mimetype='image/png')

    with open("image.png") as img:
        response.write(img.read())
    return response

. PDF PIL.

Damian · Answer 3 · 2011-06-26T13:11:04+0000

Apache mod_python, Apache Django.

Django: Password protects url's photo?

More articles: