https://github.com/ionelmc/django-secdownload-storage

Django storage backend that can be used to serve files via lighttpd's mod_secdownload module.
https://github.com/ionelmc/django-secdownload-storage

Last synced: 6 months ago
JSON representation

Django storage backend that can be used to serve files via lighttpd's mod_secdownload module.

• Host: GitHub
• URL: https://github.com/ionelmc/django-secdownload-storage
• Owner: ionelmc
• License: bsd-2-clause
• Created: 2011-06-04T17:14:50.000Z (over 14 years ago)
• Default Branch: master
• Last Pushed: 2014-01-09T20:58:06.000Z (over 11 years ago)
• Last Synced: 2025-03-25T05:25:56.258Z (6 months ago)
• Language: Python
• Homepage: https://pypi.python.org/pypi/django-secdownload-storage
• Size: 117 KB
• Stars: 4
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.rst
  • License: LICENSE

Awesome Lists containing this project

README

          
==========================

django-secdownload-storage

==========================

.. image:: https://badge.fury.io/py/django-secdownload-storage.png

    :alt: PYPI Package

    :target: https://pypi.python.org/pypi/django-secdownload-storage

Django storage backend that can be used to serve files via lighttpd's mod_secdownload module. This 

storage backend is an extension to the reqular FileSystemStorage that will generate proper signed 

download urls.

Installation

------------

::

  pip install django-secdownload-storage

  

or::

  easy_install django-secdownload-storage

or via source checkout::

  hg clone https://bitbucket.org/ionelmc/django-secdownload-storage

  cd django-secdownload-storage

  python setup.py install

Usage 

-----

In your django models you should add ``storage=SecDownloadFileSystemStorage()`` to the fields you 

want served via secdownload. 

Required settings: ::

  SEC_DOWNLOAD_ENABLED = True

  SEC_DOWNLOAD_SECRET_KEY = 'VERYVERYSECRET'

  SEC_DOWNLOAD_MEDIA_URL = MEDIA_URL + 'dl/'

Example model: ::

  import secdownload_storage

  

  class Foo(models.Model):

    secret_picture = models.ImageField(upload_to='secret-pictures', storage=secdownload_storage.SecDownloadFileSystemStorage())

You need to enable mod_secdownload and have configuration similar to this (see 

http://redmine.lighttpd.net/wiki/1/Docs:ModSecDownload for more info): ::

  secdownload.secret = "VERYVERYSECRET"

  secdownload.document-root = "/path/to/media"

  secdownload.uri-prefix = "/dl/"

  secdownload.timeout = 3600

    

Also, note that you should disallow access to those files in the lighttpd configuration as they 

would be served with your regular media files. Eg: ::

  $HTTP["url"] =~ "^/media/secret-pictures" {

      url.access-deny = ("")

  }

Configuration

-------------

* SEC_DOWNLOAD_ENABLED - set this to False to disable signing the urls and generate them like 

  FileSystemStorage. This is useful for development (if you use django's devserver).

* SEC_DOWNLOAD_SECRET_KEY - this is the secret key that is used to sign the requests  

* SEC_DOWNLOAD_MEDIA_URL - this is the prefix path that's used instead of MEDIA_URL when 

  SEC_DOWNLOAD_ENABLED is set to True. If SEC_DOWNLOAD_ENABLED is set to False 

  SecDownloadFileSystemStorage will use MEDIA_URL for the prefix instead.

.. image:: https://d2weczhvl823v0.cloudfront.net/ionelmc/django-secdownload-storage/trend.png

   :alt: Bitdeli badge

   :target: https://bitdeli.com/free