I have certain documents that I want to limit access to through Django to authorized users with permissions only.
If I'm going to use Django as a proxy to serve static files in a view, what are the implications? I'm used to serving static files in Apache and configuring that my media is served without any handlers, but what happens if someone starts downloading 500mb through my Django proxy? Will my Django thread be locked for that user until he recieves the 500mb response?
See the answers to this question to learn how to tell the web server to handle serving the file.
You could use apache auth from django.contrib.auth.handlers.modpython for the permission handling.
Related
I have set up an S3 bucket on AWS where I upload my sensitive ‘media’ files from my Django DRF + React app. The files are not public. I use boto3 and Django-storages for that and the upload process works fine. I can also download the files for report generation from backend to return PDF response.
I would now like to display those files one by one from frontend. It seems like I now have two options:
Create a route in Django API/urls to handle media requests and point the app to the media directory. This way, the AWS login is handled by the backend server. This seems to beat the point of using a CDN as all media requests would go via the backend server?
Incorporate login credentials to React front end. This seems insecure.
What would be the recommended way to achieve this? I can’t seem to find the required information.
Thank you.
I know to host my Django projects in pythonanywhere or something else. But, I need to know is that possible to host a Django project in Firebase Hosting Services.
Firebase Hosting only supports static content. It does not give you a way to run any backend code. You can use Firebase Hosting to proxy some requests to a Cloud Functions backend, but Cloud Functions provides its own way of handling HTTP requests.
I am struggling to set up for authentication with apache and mod wsgi in Django.
I have a big question mark. It is fundamental question for me before beginning to use basic or digest authentication in apache really.
Why do you need basic or digest authentication in Django in the first place? Django has own authentication system. You can manage permissions with user and permission itself in Django.
I think there is a clear case that you need this apache authentication. I don't think people put effort to explains how to set up for using apache authentication with mod wsgi in Django manual if you don't need it at all.
In Django manual,
for example, you could:
1.Serve static/media files directly from Apache only to authenticated users.
2.Authenticate access to a Subversion repository against Django users with a certain permission.
3.Allow certain users to connect to a WebDAV share created with mod_dav.
Even after reading this setence and manual repeatly, I can't come up with some situation which need to select using apache authentication for the best option.
why do you need to use apache authentication in Django or in Which special situation do you need it?
Both apache and django authentication are different. First one is web server level and next is application level.
One thing, there will be some urls accessible both login and without login.This type of auth cannot be set in apache(from my knowledge).You can do it in inside django.
I have a webservices application written in django to which the communication is through andriod app. I have an API call which uploads the images to a media url specified in settings. I have to serve the uploaded files as publicly downloadable files as they will be accessed by the andriod app through API call. This is the reason why I cannot use forms as Django documentation explains. I am using apache to serve my django application through mod_wsgi.
Please help me out on this.
With two web servers serving the same Django application with the same underlying database, I could now balance all requests between the two servers.
Sessions are stored in the DB. Static media can be handled the same as if I used a content-delivery network (CDN).
But how do I handle user-uploaded media files that sit on a local filesystem of the webserver that receives the upload POST?
Obviously, the second server will miss these files.
What is a reliable solution? NFS to some third server? Constantly running Unison or using a DVCS like Mercurial oder git?
Static media can be handled the same as if I used a content-delivery
network (CDN).
There is your answer. Upload user media to a CDN. Checkout out django-storages for an S3 or Cloudfiles storage backend.
I personally use NFS to a third server, which then serves directly all the media when requested. This reduce the NFS usage to the upload phase, and the media server can be optimized for static assets.