I'm confused about static files and media files in django. I've seen elsewhere that people use it interchangeably.
When should I use media_root and when should I use static_root?
If I have site images should I put it in static? And if I have product images do I put it in media?
MEDIA_ROOT is the directory where file uploads are placed, as well as where generated files are usually stored. For example, one of my Django apps allows users to upload images. In one of the model classes, I use the ImageField type from sorl-thumbnail with upload_to='%Y-%m'. Whenever a user uploads an image, the file is stored in MEDIA_ROOT/%Y-%m/ (with %Y replaced with the current year and %m replaced with the current month number). Also, when sorl-thumbnail generates a thumbnail for an uploaded image, it places the thumbnail by default somewhere in MEDIA_ROOT/cache/.
STATIC_ROOT is used to configure the directory where static assets are placed. For example, site stylesheets, JavaScript files, and images used in the design of web pages are the types of files that go into STATIC_ROOT. If you have multiple installed apps, each app that uses static files can have its own static files directory. You use the collectstatic management function (invoked via python manage.py collectstatic) to copy all of the apps' static files into STATIC_ROOT.
Related
What are MEDIA_URL and MEDIA_ROOT in django and why do we need to use them?
Can't we directly add images directly into the database by logging in to admin account.
I guess your main confusion might be MEDIA vs STATIC. It's pretty clear in the docs, still:
STATIC is basically where you keep your files that are required to run your website properly, say css, js, some jpg/png/img files (say site logo, background, favicon etc).
MEDIA is for user uploaded files. Say, a user uploads his/her resume, profile photo etc.
MEDIA_ROOT: is the absolute filesystem path to the directory that will hold user-uploaded files.
MEDIA_URL: is the URL that handles the media served from MEDIA_ROOT. E.g. the /media/ in www.example.com/media/somefile.mp4
STATIC_ROOT: is the absolute path to the directory where your static files are placed for deployment.
STATIC_URL: URL to use when referring to static files located in STATIC_ROOT. E.g. the /static/ in www.example.com/static/mysite.css
Ref: https://docs.djangoproject.com/en/3.0/ref/settings/#std:setting-MEDIA_ROOT
I come from an Mean, Express, Angular and Node (MEAN) stack background. I really liked how angular has separate components and then we can style each components and then nest them in each other. It is just more organized and way more shareable when in companies. It gets easier to actually understand the structure. Can I do this in django since I notice that my css is supposed to be all in one static file. Is it possible?
NOTE: Angular not Angular.js
While all your static files do need to be contained in one folder in production, they can be in separate places in development.
Development: Separated
You can have separate static files for each app within the project, but each should contain a folder with the name of the app. So the path to the static file style.css in the app myapp would look like: myproject/myapp/static/myapp/style.css. You can also put more folders within the myproject/myapp/static/myapp to separate images, JS, and CSS, for example.
To have this work you need to make sure that django.contrib.staticfiles is in INSTALLED_APPS. Then make some edits in settings.py and set STATIC_URL = '/static/' and STATICFILES_DIRS=[os.path.join(BASE_DIR, 'static')], so that Django knows the URL to refer to as well as the folders to check for static files.
Production: Collected
The above will only work if DEBUG is set to True, so it will only work in development. To have it work in production, you need to set STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles'), so that Django will know to look in myproject/staticfiles to find static files.
Then just run python manage.py collectstatic and Django will go through all your apps and pull everything from the folders called static within them and place everything in STATIC_ROOT.
This is why it's helpful to use the convention of putting a folder called myapp within static in myapp—because they all end up in the same folder.
See the docs for more: https://docs.djangoproject.com/en/2.0/howto/static-files/
We can use the webpack method. Could not find this tutorial easily on googling.
I've found plenty of advice for how to tackle static files in Django 1.x. Is there a best practices way to go about doing so?
There are may approaches to serving static files in Django, but Django 1.3 introduced a new option to handle them. Basically, you can define specific directories at a project level or at an app level that contain static media. Then via a management command, 'collectstatic', you can copy all of the static files in your project directory to a separate directory (likely external to your project) that is served by your webserver. This solves a lot of complications of the previous approaches.
1) It allows 3rd party apps to easily include static files in a standard way. No more creating symlinks from your webserver directory to locations inside of individual python/django modules.
2) It gives you more control over where your webserver can host its static files. For example, you can define all of your static media inside of you project under version control, but then copy it all to an external location anywhere on the filesystem. This prevents having to point your webserver to a location inside of your project.
3) Is splits out static media that that will never change from static media that is uploaded by a user using something like a FileField. This is good because you likely want to keep site-level static media in version control (to be installed on your dev servers), but user-submitted content will upload to a different directory (unlike versions of django prior to 1.3).
I think this functionality used to be a 3rd party module that was merged into core.
Here are the docs:
https://docs.djangoproject.com/en/dev/howto/static-files/
Basically there are a few new settings.py variables:
STATIC_ROOT - This is a directory on your filesystem that will be served by your webserver. When you run ./manage.py collectstatic, all of the static files from your project and it's apps will be copied into the directory that you specify here.
STATIC_URL - This is the url that you will set to represent what url base your content will be based from. If you set this value to "/static/", then "/static/" will prefix all urls of static media that included. You will also use this variable in your templates. For example, in your template, you could specify something like:
<img src="{{ STATIC_URL }}logo.png">
The STATIC_ROOT settings variable specifies where static files are copied to, but you also need to provide a location of where static files are copied from. This can be done by creating a directory in your individual Django apps called "static//", similar to what you would do for templates within an app. Upon running the collectstatic command, Django will copy all of the static files from all of the "static/" directories in all of your apps to the STATIC_ROOT directory. You can also use the STATICFILES_DIRS settings variable to define project-level directories to copy static media from.
Though there are many ways to serve static media, I think this is a nice api set in place by Django that will help with better integrating 3rd party modules. The fact that this feature is now included in core could give some indication that this approach may have gained some momentum.
Hope this helps,
Joe
Is it necessary to appoint MEDIA_ROOT, if indicated STATICFILES_DIRS? This issue arose when loading images - upload_to formed using MEDIA_ROOT and ignores STATICFILES_DIRS. If actually did not necessarily how to use upload_to with STATICFILES_DIRS?
Media and Static files might seem similar on first glance, but when you dig deeper you will find that Django draws a fine line between both. While Media usually refers to files uploaded by users, static files are created and bundled together with django apps.
The idea behind static files is, that upon release you can call
./manage.py collectstatic
and have all your static files from your apps (even 3rd party ones that live in egg files) collected into a given directory your HTTP server can serve directly (without any django/wsgi in the middle) for best performance.
The same holds true for Media files, but they are uploaded by users and not created by you or other app developers.
Hope that eases your confusion :-)
I recommend you take a look at the excellent documentation at the Django homepage:
Static files: https://docs.djangoproject.com/en/dev/howto/static-files/
Managing stored files: https://docs.djangoproject.com/en/1.3/topics/files/
My Django site lets users upload images. It's running on Apache.
Files are uploaded via a FileUpload form. The folder to which files are uploaded is outside the Django project, and protected as described here, i.e. the folder has 755 permissions and files have 644 permissions.
I now want to serve the images up to users - but I need to do it securely, so that executable scripts don't run, and so that users can't e.g. delete all the images in the directory.
My question is, how do I serve the uploaded images to users in a secure way? Can I serve them safely as static media directly from that folder, with those permissions? Or should I copy them into another directory with different permissions, and serve them from there?
I'm serving the other static media (/media/css) on the site as a separate, static application.
Thanks!
The way to do this is to configure your web server to serve files with the names it expects, and with a correct image content-type. Use Django's ImageField for some level of validation by PIL/Pillow that uploaded files are images. For this directory, disable webserver features like autogenerating directory indexes, autoserving everything from the filesystem, guessing at mime types, and running cgi scripts.