Django and Nginx X-accel-redirect

你离开我真会死。 提交于 2019-12-04 01:41:57

问题


I have been fumbling around with trying to protect Django's media files with no luck so far! I am simply trying to make it where ONLY admin users can access the media folder. Here is my Nginx file.

server {
    listen 80;
    server_name xxxxxxxxxx;

    location = /favicon.ico {access_log off; log_not_found off;}
    location /static/ {
          alias /home/{site-name}/static_cdn/;
   }
   location /media/ {
          internal;
          root /home/{site-name}/;
   }

   location / {
this is setup and working. Didn't include Code though

}

My Url File

urlpatterns = [
    url(r'^media/', views.protectedMedia, name="protect_media"),
] 

And my view

def protectedMedia(request):

    if request.user.is_staff:
        response = HttpResponse()
        response['Content-Type'] = ''
        response['X-Accel-Redirect'] = request.path
        return response

    else:
        return HttpResponse(status=400)

This is producing a 404 Not Found Nginx error. Does anything look blatantly wrong here? Thanks!

BTW, I have tried adding /media/ to the end of the root URL in the Nginx settings.


回答1:


This is what fixed this issue thanks to @Paulo Almeida.

In the nginx file I changed what I previosly had too...

   location /protectedMedia/ {
          internal;
          root /home/{site-name}/;
   }

My url is...

url(r'^media/', views.protectedMedia, name="protect_media"),

And the View is...

def protectedMedia(request):

    if request.user.is_staff:
        response = HttpResponse(status=200)
        response['Content-Type'] = ''
        response['X-Accel-Redirect'] = '/protectedMedia/' + request.path
        return response

    else:
        return HttpResponse(status=400)

This works perfectly! Now only admin users can access the media files stored in my media folder.



来源:https://stackoverflow.com/questions/45872539/django-and-nginx-x-accel-redirect

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!