Nemesis Design
Hello, my name is Federico Capoano,
I enjoy developing cutting-edge websites
and working with creative people.
Django: Private File Upload and Serving
30th September 2010 in Coding Tags: django, programming, python, security, upload
In this post I want to share with you a quick tip that I couldn't learn just by browsing and reading the Django documentation (yea sometimes the solution is easier to find than what we think).
The standard Django FileFields assume you want to upload a file in a subdirectory of MEDIA_ROOT, what if you want to upload the file in a private directory above the web root, not accessible via http?
How can you serve the files then?
1. Enter Filesystem Storage Class
As explained in the Django Documentation, consider the following model:
# models.py from django.db import models class Myapp(models.Model): """ Your application """ file = models.FileField(upload_to='files')
And let's state for example that the apache web root is "/var/www/yoursite/public_html/" and we want the files to be uploaded in "/var/www/yoursite/private/".
# models.py from django.db import models from django.core.files.storage import FileSystemStorage fs = FileSystemStorage(location="/var/www/yoursite/private/") class Myapp(models.Model): """ Your application """ file = models.FileField(storage=fs)
You can even specify the "upload_to" parameter and django will upload the file in the subdirectory of "/var/www/yoursite/private/".
To make things nicer you can define the location in your settings file and then import the value in your models.py file:
# settings.py PRIVATE_DIR = '/var/www/yoursite/private/' # models.py from django.db import models from django.core.files.storage import FileSystemStorage from settings import PRIVATE_DIR fs = FileSystemStorage(location=PRIVATE_DIR) class Myapp(models.Model): """ Your application """ file = models.ImageField(upload_to='images', storage=fs)
This last examples tells django to upload images in "/var/www/yoursite/private/images/".
Serving files: enter django-filetransfers
To save time I used the interesting app django-filetransfers.
- Simply download it, unzip it (or use "tar xvf" if you download it as a gzip archive), cd into the folder and install the script by using "python setup.py install".
- Add "filetransfers" in your INSTALLED_APP tuple in settings.py.
- Create a view that will serve the file:
# view.py from django.shortcuts import get_object_or_404 from filetransfers.api import serve_file from myapp.models import Myapp def download(request, id): # get the object by id or raise a 404 error object = get_object_or_404(Myapp, pk=id) return serve_file(request, object.file)
It was much easier than what I thought in the beginning.
What I've really learned today
Sometimes using google to find quick answers is not the right way. It is better to look at the documentation with more attention.
With this article bytheway, I hope I will help other people to solve this problem quickly.
Thanks to Blaaman and Xavier Ordoquy in the Django Users Google Group. See question on Google Groups.
Categories
Let's be social
Popular posts
- Django: FileField with ContentType and File Size Validation
- IE8 doesn't like 1x1px semi-transparent backgrounds
- Nice Skip Links Appearing on :focus with CSS
- 10 Effective Business Card Design Tips
- How to setup StaticGenerator with Apache + mod_wsgi
Latest Comments
“ nice site i really learn a lot more power to your blog <a href="http://staying-healthy.info">healthy living</a> ”
By health is wealth in Nice Skip Links Appearing on :focus with CSS
“ Very strange bug- thanks for the fix! ”
By Andrew Chart in IE8 doesn't like 1x1px semi-transparent backgrounds
“ Completely agree about keeping it simple, sometimes people try a little too hard ”
By ryan in 10 Effective Business Card Design Tips
“ I just wanted to say that your blog has been really useful. ”
By Kerala in Django: How to Retrieve Query String Parameters
“ Thank you this was exactly what I have been searching for. ”
By Kerala in Django Tagging Autocomplete Tag-It
Esam said:
( on 9th of May 2011 at 16:02 )
“if i want this app to upload pic directly from the internet eg: example.com/main.jpg .. what shoud i do in order to obtain this result ?”
Federico Capoano said:
( on 9th of May 2011 at 16:06 )
“This script doesn't serve this scope.”
maldives said:
( on 13th of September 2011 at 19:09 )
“very good... i agree with google thing i have been searching google for a week for this function... but its really simple... i was looking more for security
thank man
have a good day”
Jon said:
( on 25th of October 2011 at 04:00 )
“Thanks, this is a nice, simple explanation of serving private files. Very helpful.”