Nemesis Design
Hello, my name is Federico Capoano,
I enjoy developing cutting-edge websites
and working with creative people.
Django: Private File Upload and Serving
30th September 2010 in Coding Tags: django, programming, python, security, upload
In this post I want to share with you a quick tip that I couldn't learn just by browsing and reading the Django documentation (yea sometimes the solution is easier to find than what we think).
The standard Django FileFields assume you want to upload a file in a subdirectory of MEDIA_ROOT, what if you want to upload the file in a private directory above the web root, not accessible via http?
How can you serve the files then?
1. Enter Filesystem Storage Class
As explained in the Django Documentation, consider the following model:
# models.py from django.db import models class Myapp(models.Model): """ Your application """ file = models.FileField(upload_to='files')
And let's state for example that the apache web root is "/var/www/yoursite/public_html/" and we want the files to be uploaded in "/var/www/yoursite/private/".
# models.py from django.db import models from django.core.files.storage import FileSystemStorage fs = FileSystemStorage(location="/var/www/yoursite/private/") class Myapp(models.Model): """ Your application """ file = models.FileField(storage=fs)
You can even specify the "upload_to" parameter and django will upload the file in the subdirectory of "/var/www/yoursite/private/".
To make things nicer you can define the location in your settings file and then import the value in your models.py file:
# settings.py PRIVATE_DIR = '/var/www/yoursite/private/' # models.py from django.db import models from django.core.files.storage import FileSystemStorage from settings import PRIVATE_DIR fs = FileSystemStorage(location=PRIVATE_DIR) class Myapp(models.Model): """ Your application """ file = models.ImageField(upload_to='images', storage=fs)
This last examples tells django to upload images in "/var/www/yoursite/private/images/".
Serving files: enter django-filetransfers
To save time I used the interesting app django-filetransfers.
- Simply download it, unzip it (or use "tar xvf" if you download it as a gzip archive), cd into the folder and install the script by using "python setup.py install".
- Add "filetransfers" in your INSTALLED_APP tuple in settings.py.
- Create a view that will serve the file:
# view.py from django.shortcuts import get_object_or_404 from filetransfers.api import serve_file from myapp.models import Myapp def download(request, id): # get the object by id or raise a 404 error object = get_object_or_404(Myapp, pk=id) return serve_file(request, object.file)
It was much easier than what I thought in the beginning.
What I've really learned today
Sometimes using google to find quick answers is not the right way. It is better to look at the documentation with more attention.
With this article bytheway, I hope I will help other people to solve this problem quickly.
Thanks to Blaaman and Xavier Ordoquy in the Django Users Google Group. See question on Google Groups.
Categories
Let's be social
Popular posts
- Django: FileField with ContentType and File Size Validation
- IE8 doesn't like 1x1px semi-transparent backgrounds
- Nice Skip Links Appearing on :focus with CSS
- 10 Effective Business Card Design Tips
- How to setup StaticGenerator with Apache + mod_wsgi
Latest Comments
“ Amazing article..very helpful!! thanks ”
By Tami in 10 Effective Business Card Design Tips
“ Thanks for these codes! Every time I write blogs, I'm always find myself stuck with the number of tags I'm allowed to place. With customizable maximum tags number, problem solved. ”
By Mae Mole in Django Tagging Autocomplete Tag-It
“ Staticgenerator is lightning fast since well it's just about serving static html, however that's going to be a problem with any dynamic page sections. Thanks . ”
By halcion in How to get comments working with Django StaticGenerator
“ I like how your business card example displayed here matches your website design. It's really help me to make my new business card. ”
By halcion in 10 Effective Business Card Design Tips
“ I love the colour of the sand, the rocky wall, the waves and atmosphere... so relaxed and free. This post provide lot of information about the beauty of the nature. ”
By halcion in Sunrise Aguas Blancas Ibiza 10/10
Esam said:
( on 9th of May 2011 at 16:02 )
“if i want this app to upload pic directly from the internet eg: example.com/main.jpg .. what shoud i do in order to obtain this result ?”
Federico Capoano said:
( on 9th of May 2011 at 16:06 )
“This script doesn't serve this scope.”
maldives said:
( on 13th of September 2011 at 19:09 )
“very good... i agree with google thing i have been searching google for a week for this function... but its really simple... i was looking more for security
thank man
have a good day”
Jon said:
( on 25th of October 2011 at 04:00 )
“Thanks, this is a nice, simple explanation of serving private files. Very helpful.”