django-secdownload-storage

Django storage backend that can be used to serve files via lighttpd's mod_secdownload module. This storage backend is an extension to the reqular FileSystemStorage that will generate proper signed download urls.

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 4 - Beta
Framework
- Django
Intended Audience
- Developers
License
- OSI Approved :: BSD License
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP

Project description

Django storage backend that can be used to serve files via lighttpd’s mod_secdownload module. This storage backend is an extension to the reqular FileSystemStorage that will generate proper signed download urls.

Installation

pip install django-secdownload-storage

or:

easy_install django-secdownload-storage

or via source checkout:

hg clone https://bitbucket.org/ionelmc/django-secdownload-storage
cd django-secdownload-storage
python setup.py install

Usage

In your django models you should add storage=SecDownloadFileSystemStorage() to the fields you want served via secdownload.

Required settings:

SEC_DOWNLOAD_ENABLED = True
SEC_DOWNLOAD_SECRET_KEY = 'VERYVERYSECRET'
SEC_DOWNLOAD_MEDIA_URL = MEDIA_URL + 'dl/'

Example model:

import secdownload_storage

class Foo(models.Model):
  secret_picture = models.ImageField(upload_to='secret-pictures', storage=secdownload_storage.SecDownloadFileSystemStorage())

You need to enable mod_secdownload and have configuration similar to this (see http://redmine.lighttpd.net/wiki/1/Docs:ModSecDownload for more info):

secdownload.secret = "VERYVERYSECRET"
secdownload.document-root = "/path/to/media"
secdownload.uri-prefix = "/dl/"
secdownload.timeout = 3600

Also, note that you should disallow access to those files in the lighttpd configuration as they would be served with your regular media files. Eg:

$HTTP["url"] =~ "^/media/secret-pictures" {
    url.access-deny = ("")
}

Configuration

SEC_DOWNLOAD_ENABLED - set this to False to disable signing the urls and generate them like FileSystemStorage. This is useful for development (if you use django’s devserver).
SEC_DOWNLOAD_SECRET_KEY - this is the secret key that is used to sign the requests
SEC_DOWNLOAD_MEDIA_URL - this is the prefix path that’s used instead of MEDIA_URL when SEC_DOWNLOAD_ENABLED is set to True. If SEC_DOWNLOAD_ENABLED is set to False SecDownloadFileSystemStorage will use MEDIA_URL for the prefix instead.

Project details

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 4 - Beta
Framework
- Django
Intended Audience
- Developers
License
- OSI Approved :: BSD License
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP

Release history Release notifications | RSS feed

This version

0.1.1

Jun 4, 2011

0.1.0

May 13, 2011

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-secdownload-storage-0.1.1.tar.gz (2.7 kB view details)

Uploaded Jun 4, 2011 Source

File details

Details for the file django-secdownload-storage-0.1.1.tar.gz.

File metadata

Download URL: django-secdownload-storage-0.1.1.tar.gz
Upload date: Jun 4, 2011
Size: 2.7 kB
Tags: Source
Uploaded using Trusted Publishing? No

File hashes

Hashes for django-secdownload-storage-0.1.1.tar.gz
Algorithm	Hash digest
SHA256	`565e0fd05fcc0c7f12ecd621b99d29361f89000620d408c391cd6cdab082c105`
MD5	`5aca50600dd235ae80e07afaac67980c`
BLAKE2b-256	`1e45bb2eeb77217d654ee66ebcc0bf809f957331cb22fe5a989cc9cfcde28a32`