How can I serve static files while requiring Django-based access permissions?
Dear Django Users,
tl;dr: Please tell me what strategies I might use to serve a large
static file from within Django, from views.py.
If I want to limit access to a particular page in a Django app, I can
do something like this in views.py:
(Note: I will use four periods to indent, because spaces or tabs might
not display properly.)
def private_page(request):
if special_permissions_checking_function(request.user):
return render_to_response('private_page_template.html')
else:
return render_to_response('access_denied.html')
What if I want to limit access to a large static file, instead of a
dynamically generated HTML template?
Ideally the resulting website will be fast, but I also want to hear
options that might be low performance.
Thank you,
Zak
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: How can I serve static files while requiring Django-based access permissions?
On Tue, Nov 8, 2011 at 2:11 PM, zak2011 wrote:
> Dear Django Users,
>
> tl;dr: Please tell me what strategies I might use to serve a large
> static file from within Django, from views.py.
>
> If I want to limit access to a particular page in a Django app, I can
> do something like this in views.py:
>
> (Note: I will use four periods to indent, because spaces or tabs might
> not display properly.)
>
> def private_page(request):
> if special_permissions_checking_function(request.user):
> return render_to_response('private_page_template.html')
> else:
> return render_to_response('access_denied.html')
>
> What if I want to limit access to a large static file, instead of a
> dynamically generated HTML template?
>
>
The fastest way to do this is to tell the web server to serve the file from
a protected location. Apache and nginx both have ways to signal from python
code that a file should be read from disk and streamed to the user. This
file doesn't have to be in a location which is accessible through a normal
web request; ideally all access to it would be through your app, and you
can do whatever access checks that you want to before serving it.
Look up X-SENDFILE for Apache, or X-Accel-Redirect for nginx for the
details.
Ian
> Ideally the resulting website will be fast, but I also want to hear
> options that might be low performance.
>
> Thank you,
>
> Zak
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
--
Regards,
Ian Clelland
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: How can I serve static files while requiring Django-based access permissions?
Thank you, that is a very helpful suggestion.
However, I have a followup question. What are my options if:
1. It is okay to be slow (low performance), and
2. The method must work on any webserver, not necessarily or
specifically Apache or Nginx.
In pure Python/Django, how do I open a file on the hard disk and put
it into an HttpResponse object? Is FileWrapper involved? How come I
can't find any documentation on 'FileWrapper' by searching
djangoproject.org?
Thanks again,
Zak
On Nov 8, 5:25 pm, Ian Clelland wrote:
> On Tue, Nov 8, 2011 at 2:11 PM, zak2011 wrote:
> > Dear Django Users,
>
> > tl;dr: Please tell me what strategies I might use to serve a large
> > static file from within Django, from views.py.
>
> > If I want to limit access to a particular page in a Django app, I can
> > do something like this in views.py:
>
> > (Note: I will use four periods to indent, because spaces or tabs might
> > not display properly.)
>
> > def private_page(request):
> > if special_permissions_checking_function(request.user):
> > return render_to_response('private_page_template.html')
> > else:
> > return render_to_response('access_denied.html')
>
> > What if I want to limit access to a large static file, instead of a
> > dynamically generated HTML template?
>
> The fastest way to do this is to tell the web server to serve the file from
> a protected location. Apache and nginx both have ways to signal from python
> code that a file should be read from disk and streamed to the user. This
> file doesn't have to be in a location which is accessible through a normal
> web request; ideally all access to it would be through your app, and you
> can do whatever access checks that you want to before serving it.
>
> Look up X-SENDFILE for Apache, or X-Accel-Redirect for nginx for the
> details.
>
> Ian
>
>
>
> > Ideally the resulting website will be fast, but I also want to hear
> > options that might be low performance.
>
> > Thank you,
>
> > Zak
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/django-users?hl=en.
>
> --
> Regards,
> Ian Clelland
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: How can I serve static files while requiring Django-based access permissions?
On Tue, Nov 8, 2011 at 11:12 PM, zak wrote: > Thank you, that is a very helpful suggestion. > > However, I have a followup question. What are my options if: > > 1. It is okay to be slow (low performance), and > 2. The method must work on any webserver, not necessarily or > specifically Apache or Nginx. > > In pure Python/Django, how do I open a file on the hard disk and put > it into an HttpResponse object? Is FileWrapper involved? How come I > can't find any documentation on 'FileWrapper' by searching > djangoproject.org? > > Thanks again, > > Zak > In that case, just use django.views.static.serve: from django.views.static import serve def myview(request): ... return serve(request, document_root="/path/to/dir/holding/file" path="filename.doc") It is significantly slower than asking the web server to do it though - I assume you are doing this as this will be a pluggable app? If so, you should control this behaviour with a settings option, so that people can do it the optimal way if they want. Cheers Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: How can I serve static files while requiring Django-based access permissions?
Thanks for another great suggestion. My really pressing questions have been successfully answered, I now have a high-performance solution for the final version and a purely Python/Django solution for initial testing and demos. Hopefully I can figure out how to make the high-performance solution work, dealing with Apache or Nginx is not nearly as fun as Python. Background, for the curious: Tom's guess that I am making a pluggable app is close; I am making an app that will be deployed in at least two configurations (Windows and Linux) using probably two different HTTP servers (Apache and undecided). I want it to work before I have fully learned the ins and outs of each HTTP server on each OS, so I can use django.views.static.serve for early testing and demos. Zak On Nov 9, 5:27 am, Tom Evans wrote: > > In that case, just use django.views.static.serve: > > from django.views.static import serve > > def myview(request): > ... > return serve(request, document_root="/path/to/dir/holding/file" > path="filename.doc") > > It is significantly slower than asking the web server to do it though > - I assume you are doing this as this will be a pluggable app? If so, > you should control this behaviour with a settings option, so that > people can do it the optimal way if they want. > > Cheers > > Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
