Comments have been closed for this post.
Nemesis Design
Hello, my name is Federico Capoano,
I enjoy developing cutting-edge websites
and working with creative people.
Django: Private File Upload and Serving
30th September 2010 in Coding Tags: django, programming, python, security, upload
In this post I want to share with you a quick tip that I couldn't learn just by browsing and reading the Django documentation (yea sometimes the solution is easier to find than what we think).
The standard Django FileFields assume you want to upload a file in a subdirectory of MEDIA_ROOT, what if you want to upload the file in a private directory above the web root, not accessible via http?
How can you serve the files then?
1. Enter Filesystem Storage Class
As explained in the Django Documentation, consider the following model:
# models.py from django.db import models class Myapp(models.Model): """ Your application """ file = models.FileField(upload_to='files')
And let's state for example that the apache web root is "/var/www/yoursite/public_html/" and we want the files to be uploaded in "/var/www/yoursite/private/".
# models.py from django.db import models from django.core.files.storage import FileSystemStorage fs = FileSystemStorage(location="/var/www/yoursite/private/") class Myapp(models.Model): """ Your application """ file = models.FileField(storage=fs)
You can even specify the "upload_to" parameter and django will upload the file in the subdirectory of "/var/www/yoursite/private/".
To make things nicer you can define the location in your settings file and then import the value in your models.py file:
# settings.py PRIVATE_DIR = '/var/www/yoursite/private/' # models.py from django.db import models from django.core.files.storage import FileSystemStorage from settings import PRIVATE_DIR fs = FileSystemStorage(location=PRIVATE_DIR) class Myapp(models.Model): """ Your application """ file = models.ImageField(upload_to='images', storage=fs)
This last examples tells django to upload images in "/var/www/yoursite/private/images/".
Serving files: enter django-filetransfers
To save time I used the interesting app django-filetransfers.
- Simply download it, unzip it (or use "tar xvf" if you download it as a gzip archive), cd into the folder and install the script by using "python setup.py install".
- Add "filetransfers" in your INSTALLED_APP tuple in settings.py.
- Create a view that will serve the file:
# view.py from django.shortcuts import get_object_or_404 from filetransfers.api import serve_file from myapp.models import Myapp def download(request, id): # get the object by id or raise a 404 error object = get_object_or_404(Myapp, pk=id) return serve_file(request, object.file)
It was much easier than what I thought in the beginning.
What I've really learned today
Sometimes using google to find quick answers is not the right way. It is better to look at the documentation with more attention.
With this article bytheway, I hope I will help other people to solve this problem quickly.
Thanks to Blaaman and Xavier Ordoquy in the Django Users Google Group. See question on Google Groups.
Categories
Let's be social
Popular posts
- Django Tagging Autocomplete Tag-It
- Django: FileField with ContentType and File Size Validation
- 10 Effective Business Card Design Tips
- How to setup StaticGenerator with Apache + mod_wsgi
- IE8 doesn't like 1x1px semi-transparent backgrounds
Latest Comments
“ I got very good results with this, thanks for sharing. ”
By Yasir Atabani in How to speed up tests with Django and PostgreSQL
“ Hi Amad, for any question regarding OpenWISP, use one of the support channels: http://openwisp.org/support.html ”
By Federico Capoano in How to install OpenWISP
“ Sir please guid , i have install the ansible-openwisp2 , now how to add the access points . What is the next procedure . Please help. ”
By Ahmad in How to install OpenWISP
“ Hi Ronak, for any question regarding OpenWISP, use one of the support channels: http://openwisp.org/support.html ”
By Federico Capoano in netjsonconfig: convert NetJSON to OpenWRT UCI
“ Hi, I have installed openwisp controller using ansible playbook. Now, i am adding the configurations automatically using OPENWRT devices in openwisp file by specifying shared_key so can you suggest me if I want to set limit to add configuration how can i do it? ”
By Ronak in netjsonconfig: convert NetJSON to OpenWRT UCI
Esam said:
( on 9th of May 2011 at 16:02 )
“if i want this app to upload pic directly from the internet eg: example.com/main.jpg .. what shoud i do in order to obtain this result ?”
Federico Capoano said:
( on 9th of May 2011 at 16:06 )
“This script doesn't serve this scope.”
maldives said:
( on 13th of September 2011 at 19:09 )
“very good... i agree with google thing i have been searching google for a week for this function... but its really simple... i was looking more for security
thank man
have a good day”
Jon said:
( on 25th of October 2011 at 04:00 )
“Thanks, this is a nice, simple explanation of serving private files. Very helpful.”
laurent said:
( on 14th of August 2012 at 16:41 )
“like said Jon
Thanks, this is a nice, simple explanation of serving private files. Very helpful.”
ricardo said:
( on 17th of April 2013 at 16:07 )
“Thanks a lot. This post was very helpful for me. It works nice !”
Stephanie said:
( on 6th of April 2015 at 23:11 )
“I've designated the new location to where the file should be uploaded and that works great!
But, in my template, when I try to display the image, it doesn't work? I had originally been using
src="{{STATIC_URL}}upload/{{ dataset.dataset_image }}"
but, now that I changed the location, I just hard coded the location in the template for now. Why doesn't the uploaded image display??
src="/Users/me/projects/uploadimages/{{ dataset.dataset_image }}"”